051926
Today
Yesterday
This Week
Last Week
This Month
Last Month
All days
112
117
636
50635
2266
2243
51926

Server Time: 2014-10-24 11:15:46
   

ECommands Documentation

Details

Working with ECommands

There are many things you can do with this tool. Let us try to present you the way a server administrator works if he/she doesn't have any tool that help him/her with his/her daily work. Every time you have to do something with one server you have to:

 

  • You have to have the idea what you want to do in the server.
  • Open a terminal connection with putty or ssh console.
  • Enter your username and password.
  • Type the commands or programms you want to execute.
  • Exit your terminal connection.


Sometimes, if you are a really paranoid, it is a good practice to use security environments like sudo or su to protect the root password and make levels of priviledges for users.

So, what happend if we add time to this tasks?.

You have to have the idea what you want to do in the server:  if you have experience, nothing, if you don't around 30 minutes to 1 hour.

  • Open a terminal connection with putty or ssh console: around 15 seconds.
  • Enter your username and password: 15 seconds if you are good typer.
  • Type the commands or programms you want to execute including su or sudo to execute the command: if you have experience and assuming that there are many commands and you create a script around 5 minutes, otherwise, probably you can spend like 1 hour to first be secure that this action don't make the system crash before you type ENTER.
  • Exit your terminal connection: 2 seconds considering you type exit or logout and ENTER.


You can see it?. If you are a good administrator with years of experience maybe you spend around 6 minutes for  server, now consider make the same action for 10 servers, or maybe 30, or 200. I think you get the point. Six minutes are not the reallity. but we all are agreed that we spend many time in our servers logging in, typing commands and next logging out.

The work of a Linux/Unix administrator are repetitive, sometimes when you get a lot of experience and know your servers and the process of your company, there isn't nothing new. Everything gets repetitive, boring, and
particulary annoying typing the same things over and over again.

There is something more. If I ask to someone normal, Do you remember all the commands you need with all its
options and not using any man or a guide to remember?, maybe 2 out of 10, answer, YES, I Know all of them. But the rest mortals like us, if we don't use this commands, we eventually will forget them, so we have to spend some time to remember what to do a thing, or just remember the options or reading in a book. So the real answer would be: NO, we don't.

Now that we expressed the idea of we want to get better, and if until this moment you think this is not for you because you are very good and nothing less administrator, good for you, don't spend time with us try to search something different. But if you are like me, that some times need to do many repetitive work on many servers, keep reading. This is for you, because will help you to make your work a lot of easy and fun.

 

The first view (Execute view)

After you logged in the system you will see something like this. This is the execute and principal program to make the real work done. You will have a Command list, CommandGroups list, Dynamic Command input and Devices.

Commands: they are actually programms, Unix commands, scripts, almost everything.

This commands are inline commands. They are not interactive commands. An interactive command would be for example, passwd, more, fdisk, sam, etc, because after you execute the command will ask for someting more. We call inline commands, the ones you can execute without any intervention.

For example: ls -l | awk '{print $2}', cat /etc/passwd, ioscan -fnNCdisk.

There are a lot of inline commands and alternatives that you can use to avoid interactive commands. But if you can't, you have to know, that for this moment this tool can't help you, but not for so long, because we are programming a much better solution that will have this property.

 
CommandGroups: are just like that, a group of commands. This is actually a good thing because there are many processes that use the same group of commands. The posibilities are infinite. You can group any kind of commands and you can execute this command groups in all your servers if you want.


Dynamic Commands: this is a the posibility to execute a Unix command over any server. This can contain scripts and any other thing, and can execute it over any server you choose.

Devices: it is the list of devices you add to your system. You can choose multiple devices just pressing CTRL and the click with the mouse.

The first time you won't see anything because you have to feed the system first.

Modules.

There are four kind of modules. Devices, Categories, Commands, and CommandGroups. They are in order on purpose, because the first time you want to feed the system the first desirable task would be adding all your servers.

Devices.

Until this moment you can add servers individually or by using a text file. If you want to add it individually you should fill the form:

Name: the dns name or IP address of the server.
User: the root user. The reason for this if to generalize, but until now, the only way you can do this tool work  for administrative tasks would be with root. You can put any other user but probably it wouldn't work for administrative things.
Password: the real password of root. Ok, ok, ok, I know, I heard some of you say ROOT USER?, are you kidding me?. Well, yes, it is the root password only if you want administrative tasks. for now, and only for demostration and because it is an alpha version we choose to use root directly in our connection. The password will be encrypted in the database and of course, depends on you to apply some good protections to http access.

WHY ROOT?
We all know that, with exception of some people, we work in corporations and enterprises. So, in some levels we have to give the root passwords to our superiors, managers, etc. It is a good practice. The root passwords for security reasons have to be protected but not for one or two. Some selected people have to have them and the reason will be for security and for service availability in case of superior forces.


The reason that we consider root directly in our application is to make easy the access of actions in case of an expert absence, so maybe you don't give directly the root password but indirectly you give the administration. In the future we will include the report module where you will print the root passwords and your servers to give it to your boss.


Priviledge: This is only for documentation, for now, but in the future will make a difference among root, sudo or su access.

Type: This is only for documentation, for now just select Server. With the file form you can create any kind of text file and follow the same attributes of the server explained above, separated by an : , for example,

server1:root:password1:root:Server
server2:root:password2:root:Server
server3:root:password3:root:Server

The server's name must be unique. The second column correspond to the user's name. The third would be the password. The fouth the type of user, and the fifth, the type of device.

After you add this devices you can make three operations. Delete, edit, and test, this last one would test your  connection with the device.

Categories

This is only for documentation. What we trying to do here is to make two things. Document our process, which is very hard work for every administrator, and try to separate our commands. So you can create any kind of categories, Unix, Linux, Home Works, Tests, Labs, etc.

You have to create categories, at least one, to create a Command.

Commands

As we said, Commands are programms, Unix commands or scripts you have writed or wants to create at this moment. You have to fill the form:

Name: The name you want to give this command or task. Try to humanize your command to other can know what it does. For example, Create new HP Virtual machine, is more comprehensive than, hpvmcreate, or Show Linux cluster status is better than, crm status.

Execute: your actual command or program. As you know we are looking for inline commands so you could do something like: cd /etc; ls -l hosts; cat hosts. Actually this is only to demostrate that you have an Unix console here and you could consider to separate different kind of actions with ; as you do in Unix. Now, if you can do someting like that, you could create an scrypt, for example:

for p in $(ps -afe | grep http | awk '{print $2}'); do; echo "Killing http process $p"; kill -9 $p; done

For all this thing we call it, Kill Http Server. Imagine you execute this action in 30 servers. Ok you get it now.

Commands could be interesting when sometimes we want to generalize them. For example: for those who know HPVM, to create a new virtual machine the sintaxis is:

hpvmcreate -P vmserver  -O Linux -c 2 -r 2G  -a disk:scsi::disk:/dev/rdisk/disk3 -a dvd:scsi::/dev/rdisk/disk3  -a  network:lan::vswitch:vswitch

For those who doesn't know HPVM will have a big ? over your heads, aren't you?. That's why this tool is getting interesting. Imagine that you are an experimented Unix administrator but you have to leave because your vacations are comming, and you have to trainnig other people that doesn't have any remote idea about this. It is a big hard work to do.

So let work with this command. I will try to generalize the command because it will work for vmserver but if you want to create another one you will have to create another command. To make more easy work you can create a template for that command, for example:

hpvmcreate -P {{VM Server's name}}  -O {{Operating System}} -c {{Number of CPUs}} -r {{Memory}}  -a disk:scsi::disk:{{Operating system disk, should be /dev/rdsk/diskXY}} -a dvd:scsi::/dev/rdisk/disk3  -a network:lan::vswitch:vswitch

Now you have created the template asign a Category and save it. When you try to run the command the system will ask you for this parameters in the order it find them and with the name you give it to them. It makes easy to understand and to execute a command with parameters.

Category: You have to asign a category to clasify this command for the rest.

CommandGroups

One of the special characteristic about this tool is to approach the opportunity to use the commands we already have and group them to create a boundle of commands. Sometimes repetitive tasks which envolves the same commands over a group of servers presents. This is a way from grouping this repetitive tasks.

Every command you've already configured in the system will present in the list box at the left. You just have to select it and then click the button to pass it to the right list. The order will be preserved so this is not an ordering list, in fact, this list will me created in the exact order you pass the commands.

If you don't want an specific command over the new CommandGroup, you just have to select the command and press the button "<<" to delete it.

Admin Menu.

Change Devices Password

This special module only will be showed if you logged in as an Admin user. In the Admin Menu one of the options are the change of the password over servers. Every administrator have to carry the cross everytime he or she wants to change the root password. In fact, this password is not the system's password, it is the server's root password.

The system will literally connect to the server and change the password. It was tested over Linux and over HP-UX 11.11 and 11.31. For the structure of Solaris authentication we think will work on it too. In some special cases like HP-UX 11.11 sometimes the server will ask about some interactive options, so the system have the capacity to interact with it and change the password we wrote.

The user have the option to set the same password to every server. if you want this option, just select Check in all device and Use this password.

You can use this option for some servers you want to set the same password. Just select the servers checkbox and then select Use this password.

If all your servers have different passwords so you just have to check it, set your new root password in the textbox unblocked and next press execute.

For every cases above the system will confirm it execution with a message.

Users.

Sometimes you just want to be the experimented administrator that wants to distribute tasks among your partners. So this option will help you with that.

You can create a new user. Just fill the form's attributes and press Save. Every attribute is obligatory except is Admin. This particular option will give the power of that user to every modification and permissions over the system. So this particular attribute is optional.

If the user is what we call, a normal user, the system will present different options around this. You can edit, delete, disable in case this user is a problematic one, set permissions where you can select which command, devices or CommandGroups the user have the right to use. and reset the user's password.

After you create the user, you have to asign the specific permissions over it. Every permission will be a multiple select so you have to press CTRL + Left click over the options and then Save it. You can edit this permissions and deselect the ones you don't want the user have anymore.

Logs.

All the commands and actions executed through the system will be registered in the Log. So the administrator will know the date, time, status, command, user and output the system executed. This particular module will act as an auditor and healer over the server's network to control the actions over the servers.

License and version.

This software is distributed over the GPL v2 terms. We are aware that this is not a terminated software, so we just uploaded as a test tool. So until now we are programming a better solution that will be uploaded soon.

Contributions.

All contributions and improvements made over the system for the community will be accepted and you can use our contact form to inform us about you idea and your wishes to be part of this project.

   
© Life Microsystems Group - Venezuela, All rights reserved