www-gui-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Harrie Hazewinkel <harrie.hazewin...@jrc.it>
Subject Re: GUI-Dev
Date Thu, 21 Aug 1997 07:40:03 GMT
Randy Terbush wrote:
[snip]
> > >
> > Bingo- as a start we'd just "communicate" with apache via it's config
> > files.  In future, once this whole system is up and operational and
> > there is perhaps a mod_monitor or mod_snmp then we can gradually fold
> > this functionality into the server.  To my thinking the server would
> > have to be threaded before something like this could come to pass so
> > first things first. But using SNMP as a configuration language from the
> > start would make this this integration much easier and keep the number
> > of protocols required down to a minimum of one.
> 
> But..But...
> 
> Harrie has already written a mod_snmp. This is where I don't agree.
> The SNMP functionality needs to go in the server. As he pointed
> out, we will need to write the config MIB, but I'm excited to have
> a look at his tool to generate the C code from the MIB.

Depending on the mod_snmp integeration the current protocol engine is
not able to do writes and so. I deliberatly took them first out,
because this functionality wasn't needed. Also the tool to generate
C code from a MIB is a bit changed, since my first relaese of mod_snmp.
So if we ship in the protocol engine of my tool it is directly able to
do writes as well. The tool still need an extension in order to 
generate also all SNMP-set funtions. But that can be done quit quickly.

URL' for the 
mod_snmp -> http://www-musiq.jrc.it/software/snmp0b1_apache1_2b8.tar
		(This is also placed by Randy at Apache-site)
SNMP-toolkit -> http://www-musiq.jrc.it/~harrie/smut/smut_2b1.tar.gz

Writing such a config MIB is not that difficult aspecially if
I get a view on what the configuration toolkit does at the front
and how Apache needed to write this internally. This could be 
based on some earlier given object class example.

About mod_monitor and mod_snmp.
What should mod_monitor do in this case?? Provide already exisiting
statistics as the status module or the mod_snmp.
For the monitor part you can build the GUI on some PD SNMP-java classes,
I guess.

> 
> > > > This part is what I not completely get, maybe you can explain this??
> > > > An SNMP solution should be that the SNMP agent inside Apache
> > > > completely configures it. Something as the configuration tool
> > > > speak SNMP with the Apache agent and the SNMP-SET changes
> > > > directly the appriopriate variables in Apache (runtime).
> > > >
> > > > HH
> > >
> > Right now the configuration server would be a separate process on the
> > machine hosting the web server.  The configuration server would read and
> > then write changes to the configuration files and then HUP the web
> > server.  We can have the configuration server find out about the modules
> > installed in the web server by parsing the result of apache -h (I think
> > this is the flag- there's a flag which causes apache to spit out info on
> > which modules/options are compiled in similar to the information
> > displayed by mod_config.)
> 
> In my opinion, the config server is just an added exercise that
> really isn't needed. You probably weren't aware that Harrie has
> given us a start with mod_snmp.

Correct me if I am wrong, but is the concept of the configuration server
bnot based on the fact that the Apache-server and the configuration
server
run at the same box?? So remote-shells, remote-login are also required.
An SNMP soulution is not requiring these last ones. 1 manager
application 
communicates with all the SNMP-agent out in the filed and thus with the
Apache-server.

> 
> > All the authorization can be handled by sockets or SNMP (built in
> > there).  Hopefully we won't have to deal with CGI...  We can do things
> > without encryption, etc. at first and then fold that in- we just have to
> > keep security in mind during the build.  If the broker (glue between the
> > application code and classes doing the actual communication) is built
> > correctly, we can plug in authorization with minimal changes to the
> > application source.
> >
> > >  p.s. Randy: Don't forget will use RSA keys in the password auth. part,
> > > does CGI supports them?
> 
> I think that you would be better off writing a key authentication
> module for Apache.

The new SNMPv3 WG of the IETF is creating security for the SNMP
protocol. 
So in the future the SNMP-agent could go speaking SNMPv3.

Although my comments look like I plea guilty for the SNMP-solution,
I am certainly not against any other solution. But I agree with Randy
that we should keep the required protocols to the minimum (maybe one).


HH
-- 
0- Harrie Hazewinkel --------------------------------------0
 email:harrie.hazewinkel@jrc.it        phone:+39+332+789384
 http://porto.jrc.it/~harrie/            fax:+39+332+785500
 postal: JRC of the E.C.  -  CEO Programme
         Ispra 21020 (VA) Italy
0----------------------------------------------------------0
   Ik ben Harrie en ben 28 jaar en doe SNMP na. MIB, MIB.

Mime
View raw message