New Projects - Fresh from the Labs
Born out of dissatisfaction with expensive commercial tools and the direction taken by most network admin projects, OpenNetAdmin (ONA) takes a different approach to network administration while making the task of administration a little bit nicer in the process. Project founder Matt Pascoe found commercial tools, such as Lucent QIP, Infoblox and Bluecat, to be okay, but they're expensive and clunky for certain tasks, and they don't follow the *nix principal of modular functionality. All of the open-source tools he found, such as IP-Plan/IP-Track, had big usability issues, and the Java interfaces always annoyed him, so a Web-based AJAX interface made more sense. After coming up with a bunch of cool ideas and methods with his former coworkers, Matt couldn't let all of them go to waste, so he re-created his own variant that would work in a general sense for the Open Source community.
ONA is meant to play a more authoritative role in your environment. Many tools want to go into a discovery mode and tell you what is in your network, while all the time adjusting your data. In contrast, ONA tells the network what it should have in it. This way, you can (hopefully) trust your own data to help you configure your environment the way you want it, but still utilize things like DHCP and its dynamic nature. ONA also is designed to help with auditing your network, and it's geared toward helping configure your routers/switches/firewalls/nagios/cacti or pretty much anything for which you want to create an output template. The GUI also is an important element of ONA, designed to flow easily with familiar elements, such as pop-ups, search as you go and so on.
First, you need a basic LAMP installation of Apache, MySQL and PHP, or you'll be going nowhere fast. Matt recommends installing the following packages:
Once you've got the LAMP side of things sorted out, head to the ONA Web site, grab the latest tarball and save it somewhere locally. Once the download has finished, open a terminal in the directory where you saved the tarball, and enter the following commands as root or using sudo:
# tar -C /opt -zxvf ona-v00.00.00.tar.gz # ln -s /opt/ona/www /var/www/ona # touch /var/log/ona.log # chmod 666 /var/log/ona.log # chown www-data /opt/ona/www/local/config
(If you know what you're doing here and use a different Web server user, feel free to replace the user name.)
These steps should cover most circumstances, but alternative steps can be taken if you prefer more customization or if it simply doesn't work on your system. Check the installation documentation under docs/install in ONA's tarball for more information.
ONA is a browser-based program, so open up your favorite browser and head to http://<servername>/ona. If you don't know your server name, localhost should work in most cases. This should take you to a License Agreement screen, but if you get a request to save a PHTML file instead, try another browser and check that PHP is installed properly (on my Ubuntu machine, for some reason it didn't work on Firefox, but it worked straightaway in Konqueror).
After the License Agreement, you'll go to a screen where you need to assign passwords to the default users and user names (which you can change if you prefer). There also will be a number of prerequisite checks—ensure that they are set to Yes. After that, you now should be on the main ONA screen. When you start out in the main screen, you will be acting as a Guest by default, so you need to log in as admin. Click in the field near the top right where it says Guest, and enter admin in that field. After you've done that, a password box appears; enter admin there as well.
Now that you're all set up, it's time to explore. In the middle of the screen is a group of the main tasks you will be performing, such as Add a DNS domain, Add a new host and so on. If you look at the top left of the screen, there's a button called Tools. This contains a menu of all the tasks just mentioned as well as a host of other options. However, the most important option is Admin Tools (which also happens to be in the top center of the screen). This has some powerful options, such as managing DHCP, device models and roles, subnet types, users, groups and more. Information on pretty much every ONA networking task is available in some form or another, and some kinds of information seem to be available in lovely pie-chart form—perfect for boardroom types.
Unfortunately, I just don't have the space in this column to give this program justice, so hopefully we can cover it in a more detailed form some time in the future. ONA is chock-full of options; the GUI is pretty nice to use, and the aesthetics are pleasant—all of which will hopefully draw some new users into the world of Net administration. Nevertheless, some potential users may run away in fear of the command line, so hopefully, the installation process will benefit from distro-specific packages in the future (and in turn, hopefully, ONA will make its way into major distributions soon as a great admin tool). And, for those who want to jump in and try it without going through all the nasty installation stuff, check out the on-line demo (demo.opennetadmin.com).
John Knight is the New Projects columnist for Linux Journal.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
|Security Hardening with Ansible||Aug 18, 2014|
|Monitoring Android Traffic with Wireshark||Aug 14, 2014|
|IndieBox: for Gamers Who Miss Boxes!||Aug 13, 2014|
|Non-Linux FOSS: a Virtualized Cisco Infrastructure?||Aug 11, 2014|
|Linux Security Threats on the Rise||Aug 08, 2014|
|Android Candy: Oyster—Netflix for Books!||Aug 07, 2014|
- Security Hardening with Ansible
- NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance
- Why Python?
- Returning Values from Bash Functions
- Monitoring Android Traffic with Wireshark
- Text Manipulation with sed
- Booting the Kernel
- Untangle's Multi-Functional Firewall Software
- Kernel Korner - Why and How to Use Netlink Socket
- RSS Feeds