New Projects - Fresh from the Labs
Born out of dissatisfaction with expensive commercial tools and the direction taken by most network admin projects, OpenNetAdmin (ONA) takes a different approach to network administration while making the task of administration a little bit nicer in the process. Project founder Matt Pascoe found commercial tools, such as Lucent QIP, Infoblox and Bluecat, to be okay, but they're expensive and clunky for certain tasks, and they don't follow the *nix principal of modular functionality. All of the open-source tools he found, such as IP-Plan/IP-Track, had big usability issues, and the Java interfaces always annoyed him, so a Web-based AJAX interface made more sense. After coming up with a bunch of cool ideas and methods with his former coworkers, Matt couldn't let all of them go to waste, so he re-created his own variant that would work in a general sense for the Open Source community.
ONA is meant to play a more authoritative role in your environment. Many tools want to go into a discovery mode and tell you what is in your network, while all the time adjusting your data. In contrast, ONA tells the network what it should have in it. This way, you can (hopefully) trust your own data to help you configure your environment the way you want it, but still utilize things like DHCP and its dynamic nature. ONA also is designed to help with auditing your network, and it's geared toward helping configure your routers/switches/firewalls/nagios/cacti or pretty much anything for which you want to create an output template. The GUI also is an important element of ONA, designed to flow easily with familiar elements, such as pop-ups, search as you go and so on.
First, you need a basic LAMP installation of Apache, MySQL and PHP, or you'll be going nowhere fast. Matt recommends installing the following packages:
Once you've got the LAMP side of things sorted out, head to the ONA Web site, grab the latest tarball and save it somewhere locally. Once the download has finished, open a terminal in the directory where you saved the tarball, and enter the following commands as root or using sudo:
# tar -C /opt -zxvf ona-v00.00.00.tar.gz # ln -s /opt/ona/www /var/www/ona # touch /var/log/ona.log # chmod 666 /var/log/ona.log # chown www-data /opt/ona/www/local/config
(If you know what you're doing here and use a different Web server user, feel free to replace the user name.)
These steps should cover most circumstances, but alternative steps can be taken if you prefer more customization or if it simply doesn't work on your system. Check the installation documentation under docs/install in ONA's tarball for more information.
ONA is a browser-based program, so open up your favorite browser and head to http://<servername>/ona. If you don't know your server name, localhost should work in most cases. This should take you to a License Agreement screen, but if you get a request to save a PHTML file instead, try another browser and check that PHP is installed properly (on my Ubuntu machine, for some reason it didn't work on Firefox, but it worked straightaway in Konqueror).
After the License Agreement, you'll go to a screen where you need to assign passwords to the default users and user names (which you can change if you prefer). There also will be a number of prerequisite checks—ensure that they are set to Yes. After that, you now should be on the main ONA screen. When you start out in the main screen, you will be acting as a Guest by default, so you need to log in as admin. Click in the field near the top right where it says Guest, and enter admin in that field. After you've done that, a password box appears; enter admin there as well.
Now that you're all set up, it's time to explore. In the middle of the screen is a group of the main tasks you will be performing, such as Add a DNS domain, Add a new host and so on. If you look at the top left of the screen, there's a button called Tools. This contains a menu of all the tasks just mentioned as well as a host of other options. However, the most important option is Admin Tools (which also happens to be in the top center of the screen). This has some powerful options, such as managing DHCP, device models and roles, subnet types, users, groups and more. Information on pretty much every ONA networking task is available in some form or another, and some kinds of information seem to be available in lovely pie-chart form—perfect for boardroom types.
Unfortunately, I just don't have the space in this column to give this program justice, so hopefully we can cover it in a more detailed form some time in the future. ONA is chock-full of options; the GUI is pretty nice to use, and the aesthetics are pleasant—all of which will hopefully draw some new users into the world of Net administration. Nevertheless, some potential users may run away in fear of the command line, so hopefully, the installation process will benefit from distro-specific packages in the future (and in turn, hopefully, ONA will make its way into major distributions soon as a great admin tool). And, for those who want to jump in and try it without going through all the nasty installation stuff, check out the on-line demo (demo.opennetadmin.com).
John Knight is the New Projects columnist for Linux Journal.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- The US Government and Open-Source Software
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide