Date: Wed, 28 Oct 1998 17:05:05 +0100 (CET) From: Andrzej Bialecki <abial@nask.pl> To: Terry Lambert <terry@whistle.com> Cc: small@FreeBSD.ORG Subject: Re: Unified Configuration Interface Message-ID: <Pine.BSF.4.02A.9810281702120.6616-200000@korin.warman.org.pl> In-Reply-To: <3636195C.535@whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Hi, Ok, your remarks convinced me that the document I sent needed a lot of clarification. So, here's the corrected version. How about that? Andrzej Bialecki -------------------- ++-------++ ------------------------------------- <abial@nask.pl> ||PicoBSD|| FreeBSD in your pocket? Go and see: Research & Academic |+-------+| "Small & Embedded FreeBSD" Network in Poland | |TT~~~| | http://www.freebsd.org/~picobsd/ -------------------- ~-+==---+-+ ------------------------------------- [-- Attachment #2 --] <html> <! $Id$ > <body> <h1><center> Unified Configuration Interface Project </center></h1> <p> Here's a preliminary attempt to organize all (well, most) configuration tasks and parameters of PicoBSD system in hierarchy of categories. </p> <p> This forms a sort of framework, basing on which one can implement consistent configuration file(s), and configuration utilities. </p> <p> However, the idea behind this project is to completely replace currently used configuration approach, which is based on several shell scripts, and to provide ability to change system behaviour basing on set of well-defined parameters' hierarchy. This approach makes it relatively easy to write consistent user interfaces, either command-line or with GUI front-ends.</p> <p> All items are grouped into sub-categories. Each item is shortly described, and its dependencies are listed. Perhaps each item should have a unique number, which designates order in which given configuration task is performed on startup... Or, the system startup routines should unwind dependencies into linear, ordered list. </p> <p><i><b>This is work in progress</b> - I'm aware that many pieces are either completely missing or misplaced. Please send any comments and changes you seem appropriate either directly to me, or better to freebsd-small@freebsd.org. I'll gladly welcome anyone who can help with design and/or implementation.</i></p> <hr> <h1><center> Unified Configuration Hierarchy (proposal) </center></h1> <ul> <li> <p>Let's first introduce distinction between the following terms: <ul> <li> <b>management base</b> - the actual structure holding configuration and information data according to defined structure. This structure will most probably have a form of tree (possibly with cross-branch links or some other mechanism representing mutual dependencies) - the way it's stored is also something which needs to be discussed. </li> <li> <b>user interface</b> - a method (and agent) for presenting data stored in management base in such a way that it can be viewed and modified by legitimate users. </li> <li> <b>configuration agent</b> - an entity performing actual configuration tasks, from one side dealing with management base, and from the other dealing with the system resources, and from yet another dealing either directly with the user (thus acting as a user interface), or passing requests to other entity which acts as user interface. </li> </ul> </li> <li> <p>One possible approach to storing the management data is to use already existing framework known as MIB, as defined in applicable RFCs.</p> <p>This approach has several advantages: it represents well thought-out work of many experienced individuals and teams, it has already proven to be useful, it's widely used and accepted, it's easily extensible, it's able to represent quite complicated objects, etc.</p> <p>It has some drawbacks, as well: e.g. there is no standard mechanism for representing events and indirectly related objects, it tends to create deep and narrow trees which require to descent several levels to change some commonly used parameters, it doesn't say anything about the mutual dependencies between objects and parameters (except parent-child-sibling), and about required sequence to properly set their parameters, etc.</p> <p>These issues are not directly addressed in standards, and real implementations (known to me) have to implement these additional mechanisms "behind the scenes", so that their workings are not obvious nor easily accessible (let alone changeable).</p> <p>So, if we decide to use it, we need to address these issues somehow.</p> </li> <li> <p>Actual user interface is still quite another story: I've seen UIs which merely followed the standard MIBs, and menus were composed of actual OID numbers plus DESCRIPTION field. In my experience, they are (barely) acceptable, though due to the usual width and depth of MIB trees you had to traverse several levels down and up in order to change some (protocol-wise) related parameters.</p> <p>More acceptable UI would collect interrelated items under common menu entries, irrespectibly of their actual position in the MIB tree.</p> <p>A worthwhile goal to pursue is to create such an UI which could guide you through the most common configuration tasks, while at the same time allowing for unrestricted and quick use by power users. This can be done either as a set of configuration "wizards" or extensive hinting, command completion, etc.</p> </li> <li> <p>The management database should be easily exportable via standard protocols, such as SNMP or LDAP.</p> <p>Most known to me (if not all) implementations of agents for these protocols are (contrary to their name) quite heavy-weight - so their use should be either optional, or replaced with some other light-weight protocol and a proxy agent running on other machine.</p> <p>It's worthwhile to consider also use of other protocols such as DHCP (and BOOTP), Service Location Protocol (SLP - RFC2165) for easy integration with LAN resources, easy initial configuration, and peer discovery.</p> </li> <li> <p>All operations performed by configuration agent should be transactional, i.e. it should be possible to commit a set of changes as one logical entity, and be sure that either it's applied in whole, or not at all. This includes also ability to abort processing in the middle.</p> <p>Operations should be verified against allowed values, as well as against allowed credentials, and basing on this either committed or aborted.</p> </li> <li> <p>A few notes on possible implementation of configuration agent:</p> <ul> <li> let's assume that all configuration information is read on startup by some specialized daemon (this can be part of init(8) as well), which then performs role of communication agent through which passes all configuration information, be it request for change, request for info, request for start / shutdown, or notification about the change. </li> <li> configuration information itself is stored either in binary database, or as a filesystem hierachy mimicking configuration items hierarchy. </li> <li> each user-level program performing some task (such as routing daemon, inetd etc) is either equipped with the ability to communicate with config agent, or is relinked with special stub which fakes to the program necessary config files and events (such as signals to reread configuration). <p>This probably means also that some libc routines would have to be replaced, because they assume reading configuration from certain disk files.</p> </li> <li> each user-level program performing some task requests its initial config data from config agent, at the same time registering with it to receive configuration events, such as request to re-read data, to provide currently used config data, return status, react for signals, restarts, etc... </li> <li> user interface is then just one of clients of config agent, albeit possessing special privileges. </li> </ul> </li> </ul> <hr> <p>Here is my initial proposal, which perhaps can be used as a model for user interface hierarchy, if not for the management base itself.</p> <ul> <li> System configuration. <ol> <li> Boot device and file <br> <small>Name of the boot device (possibly networked) and boot image.</small> <ol> <li> (Enumeration of available devices) <ol> <li> (Enumeration of available files) </li> </ol> </li> </ol> </li> <li> Config file <br> <small>Configuration file management - loading and saving, either local or remote (if applicable). </small> <ol> <li> Load / Save <ol> <li> Source / Destination <br> (Enumeration of available storage places, possibly networked) </li> </ol> </li> <li> Edit directly (geek mode) </li> </ol> </li> <li> Loadable modules <br> <small>Optional hardware, services and protocol modules management. </small> <ol> <li> (Enumeration of available loadable modules) <ol> <li> Load / unload / status </li> </ol> </li> </ol> </li> <li> Resource management <ol> <li> Memory consumption </li> <li> Task priorities <ol> <li> List / Modify </li> </ol> </li> </ol> </li> <li> System console </li> <li> Virtual consoles (if applicable) </li> <li> System Date / Time Zone </li> <li> Banner </li> <li> Logging <ol> <li> Local logging </li> <li> Remote logging </li> </ol> </li> </ol> </li> <li> Network configuration. <ol> <li> Hostname and Domain </li> <li> Interfaces <ol> <li> (Enumeration of physical interfaces) <br> (Enumeration of virtual interfaces, if applicable) (Options for creating virtual interfaces, if applicable) <ol> <li> Interface options (speed, media, encapsulation, description, etc.) </li> <li> ARP </li> <li> Bridging </li> <li> IP <ol> <li> Adress / netmask / alias </li> </ol> </li> <li> IPX </li> <li> AppleTalk </li> </ol> </li> </ol> </li> <li> Protocol Options <ol> <li> IP, UDP, TCP, ARP, IPX, ATM ... <br> (Enumeration of available protocols) <ol> <li> (Enumeration of protocol specific options, such as buffer sizes, algorithms, ARP tables etc) <ol> <li> List / Add / Delete / Modify / Set (where applicable) </li> </ol> </li> </ol> </li> </ol> </li> <li> Routes <ol> <li> List </li> <li> Static <ol> <li> Add / Delete / List <ol> <li> (route expression) </li> </ol> </li> </ol> </li> <li> OSPF </li> </ol> </li> <li> Network services <ol> <li> DNS <ol> <li> Hosts <ol> <li> Add / Delete / List <ol> <li> (hosts definitions) </li> </ol> </li> </ol> </li> <li> Resolvers <ol> <li> Add / Delete / List <ol> <li> (hosts addresses) </li> </ol> </li> </ol> </li> <li> Local DNS server config </li> </ol> </li> <li> PPP <ol> <li> Server </li> <li> Client </li> </ol> </li> <li> NFS <ol> <li> Server </li> <li> Client </li> </ol> </li> <li> NIS </li> <li> DHCP </li> <li> SNMP </li> <li> Printing <ol> <li> Local / Remote </li> </ol> </li> <li> SMB services </li> <li> Network Address Translation </li> <li> Packet filters </li> <li> Bandwidth Manager </li> <li> NTP </li> <li> Remote Access </li> </ol> </li> </ol> <li> User management. <ol> <li> User accounts <ol> <li> Add / Delete / Modify / List <ol> <li> Name / Password / ACL </li> </ol> </li> </ol> </li> <li> User profiles <ol> <li> Access Control Lists. <ol> <li> Add / Delete / Modify / List <ol> <li> Name / Template / Definition </li> </ol> </li> </ol> </li> <li> ACL Templates <ol> <li> Add / Delete / Modify / List <ol> <li> Name <ol> <li> Command restrictions list </li> <li> Location restrictions list </li> <li> Resources restrictions list </li> <li> Time restrictions list </li> <li> Authentication methods </li> </ol> </li> </ol> </li> </ol> </li> </ol> </li> </ol> </li> <li> Other services <ol> <li> Cron tasks </li> </ol> </li> <li> Filesystems. <ol> <li> Local / Remote <ol> <li> (Enumeration of available FS-s) <ol> <li> FS / Mounting point / Options </li> </ol> </li> <li> Swap Partition / Swap File <ol> <li> Create / Turn on </li> </ol> </ol> </li> </ol> </li> <li> Environment <ol> <li> Set / Unset / List </li> </ol> </li> <li> System status <ol> <li> (Enumeration of available status items) </li> </ol> </li> <li> Diagnostics <ol> <li> Debug <ol> <li> (Enumeration of subsystems hierarchy, those of which can provide debugging data) <ol> <li> Set / Clear / Level </li> </ol> </li> </ol> </li> <li> System messages </li> <li> Ping / traceroute / rtquery </li> </ol> </li> </ul> <hr> <i> <p>Please send your comments to <A HREF="mailto:abial@freebsd.org"> Andrzej Bialecki</a></p> <p>Last modified: Sat Oct 24 19:33:45 CEST 1998 </p> </i> </body> </html>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.02A.9810281702120.6616-200000>