Home » General » Discussions » OpenVZ with webmin
 OpenVZ with webmin [message #4857] |
Sat, 29 July 2006 18:22  |
rollinw
Messages: 25
Registered: June 2006
Location: Santa Barbara, California
|
Junior Member |
|
|
I have written an email message to the creator of webmin and the contributor who provided the OpenVZ module. Perhaps someone in this forum group has OpenVZ insights or ideas that might help make webmin a better fit for OpenVZ.
 "I have installed webmin on a virtual Suse processor under OpenVZ. The concept is great, and I congratulate you on leading the way in providing a centralized interface for controlling what I call a "server farm". After installing the webmin RPM, I also Installed the OpenVZ module contributed by "NH". The comments that follow are not intended as criticisms but as suggestive of the way your combined product might be improved.
When the OpenVZ configuration form came up, I saw that it expected things the path to vzyum, to /usr/sbin/vzctl, etc. Then it dawned on me that this module has to be installed on the OpenVZ hardware node to make it work. This may not seem like a big deal to non-OpenVZ people, but in fact it is. I don't want to get into copyright problems, so let me paraphrase the Hardware Node Availability Considerations section of the OpenVZ User's Guide, Chapter 2:
* The hardware node (HN) plays a key role in providing resources for all the virtual environments. If the HN goes down, they all go down.
* The HN can benefit from RAID, especially hardware RAID, to enhance total system reliability.
* Wherever possible, service applications should run on a Virtual Environment (VE) rather than on the HN.
* User accounts should be created on the VE's, and not on the HN.
In summary, the two major considerations for keeping the HN "lean and mean" are enhanced reliability/availability and total system security.
My reactions to this expression of OpenVZ philosophy are:
* I want my DNS to run in a VE
* I want my Samba server to run in a VE
* I want my NTP (time sync) to run in a VE
* I want all my Apache-based modules to run in a VE
* (in general) I want to dedicate a VE to perform admin tasks, including all (as much as possible) system support functions
For some modules this is not a problem. For any service that requires access to hardware or software under direct control of the HN, the current implementation of webmin has some issues.
Webmin provides an HTTP control for Apache modules that implement its modules. AFIAK, there are no webmin clients, and webmin services run on the same host where webmin resides.
Let me suggest an expanded webmin concept in which certain services could have client software on other OpenVZ nodes, including the HN. The down side is the possibility of introducing security vulnerabilities in the form of paths between nodes. On the positive side, of course, webmin could live on any node and appropriate client software on other nodes could cause the services to be performed there.
Your CGI scripts seem to be pretty much written in Perl. This same approach could be used for the client side implementations. You may have a good idea about how to go about this augmentation of the webmin concept. I might be able to help, if you presented a design concept. Although I used OpenVZ as an example of a needed cross-node implementation, I think there are also others (e.g., system backup, log rotation, etc.,) that could benefit from the expanded approach."
Thanks for your interest.
rollinw
|
|
|
|
|
|
| Re: OpenVZ with webmin [message #4869 is a reply to message #4864] |
Mon, 31 July 2006 20:12  |
rollinw
Messages: 25
Registered: June 2006
Location: Santa Barbara, California
|
Junior Member |
|
|
Kir,
Though my understanding of Plesk from SWsoft is limited, it appears to be a graphical front end to OpenVZ (or Virtuozzo). Thus it must reside on the hardware node. In this sense, it could be compared with some of the graphical system setup/control modules in Gnome or KDE.
Webmin attempts to capture the functions of both, to allow for graphics-based control over an extensive list of system admin functions. Through its web interface, webmin extends control over its host system functions to wherever the admin person might be on the network. But it controls the functions of only the server where it resides. The OpenVZ module came along later for support of virtualizing.
In Plesk there is a recognition that virtualization management can be done efficiently from a graphical interface. This is very helpful if you are a hosting facility with a large number of VEs.
If Plesk and webmin functions were integrated, one might have a graphical system that could manage a large collection of servers, some hardware-based and the others virtual. Let's say that I am a system admin for a large web presence of mixed environments. A hierarchy-based graphical web system like webmin would allow me to perform more quickly the routine maintenance functions on all these servers and eliminate the need for logging into one after the other to perform maintenance from their command line interfaces.
What would such a system look like? In an environment containing OpenVZ, the control server should reside on a VE. It would require some sort of client software on each server for which it provides control functions. Channels for control commands might involve some sort of secure network communication between servers for commands and data. These might be one of:
1. Http(s) with XML
2. A socket-based communications mechanism
3. A collection of 2-way VPNs between the affected servers
There are probably some issues I haven't thought of, but this could at least provide a starting point. This is probably not something the OpenVZ group want to get involved in, but maybe someone in the community will like the idea.
Rollin
rollinw
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: OpenVZ with webmin [message #4989 is a reply to message #4988] |
Mon, 07 August 2006 18:39 |
|
|
I'd vote against Python and PHP, at least for the backends/core parts (although I consider it OK for the interfaces). Either C/C++ or, if you want scripting language, please consider Python.
From my side, I could help with organizing a GIT or SVN repository, mailing list, bugzilla, hosting and all that stuff...and perhaps some programming and infrastructure (like using auto* tools, packaging into RPM, etc.), too. I do believe that putting the source code into a repository at the early stages helps a lot
Kir Kolyshkin
|
|
|
|
|
|
| Re: OpenVZ with webmin [message #4992 is a reply to message #4989] |
Mon, 07 August 2006 19:46 |
rollinw
Messages: 25
Registered: June 2006
Location: Santa Barbara, California
|
Junior Member |
|
|
Kir,
(Spasibo)
I've loaded Kenny's original Webmin on 2 different environments. Also I have checked the directories under /webmin/ which the pages execute out of. Almost all the development is done using Perl cgi files (is that right, Kenny?). Even the http server is
based on a Perl mini-apache. But this is all server-side direct communications, since, except for the web interface, almost all the client-side execution code also resides there.
Obviously, the situation will change when when a communications interface is added and client-side modules need to be written for the server clients.
Kenny also mentions wanting to keep the implementation as compatible as possible to vzagent. That may imply having some scripts written in Python (a language I have yet to learn).
Your offer to help with some of the organizational aspects of this development is most welcome, I would think. I don't know if Kenny used his own Bugzilla, but certainly a public one would be very useful. I agree with you that the source is best managed in a central location using the appropriate tools. This is especially true if more than one person participates in the development. For example, I have glanced at HOWTOs for building RPMs, but I have never built one myself!
Many of these questions are up to Kenny, since he was the original Webmin developer. From his posts here up to now, I think he would like to take advantage of help of various kinds.
Your interest and mine are similar, but slightly different. I would like to have a tool, web-based, of course, to control real and virtual servers and to collect status information, etc. from them. My guess is that you see this area as a further development of the OpenVZ framework as an extension of the open software that already exists. You would agree that something like Plesk is needed, since not everyone will buy Plesk and not everyone would know how to integrate it into OpenVZ. Even SWsoft could benefit from this kind of development, because it could lead to new and better functions in Plesk.
My thoughts for now,
Rollin
|
|
|
|
|
|
|
|
|
|
|
|
| Re: OpenVZ with webmin [message #9403 is a reply to message #7705] |
Sun, 31 December 2006 08:06 |
artur
Messages: 13
Registered: December 2006
|
Junior Member |
|
|
I don't think SWSoft will be thrilled about this. The whole idea behind the virtuozzo product is that they provide a front end to openvz. Just be careful not to step on their bread and butter because we may just find them dropping support for openvz.
[Updated on: Sun, 31 December 2006 18:49] Report message to a moderator |
|
|
|
Goto Forum:
Current Time: Sat Nov 02 08:59:24 GMT 2024
Total time taken to generate the page: 0.05870 seconds
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
