Opsware Creates Uber Shell for System Admins
by Timothy Prickett Morgan
For all of the advancement in systems management tools over the past two decades as we have gone through the minicomputer, client/server, and Internet revolutions, the dominant way that most system administrators in the world deal with the dozens or hundreds of machines they keep running every day is through an old-fashioned command line interface in an ASCII or EBCDIC shell. Rather than try to fight this trend and the overwhelming use of scripts by sysadmins to do routine tasks, Opsware has taken the shell and CLI to a whole new level with its new Global Shell.
This stands to reason when you know a little bit about what Opsware has expertise in and where it came from. When a lot of vendors bash the concept of using scripts to manage servers--which is the tried and true method that sysadmins employ in their day-to-day tasks--Opsware's Server Automation System is more like a master scripting engine than anything else, with the scripts controlling the provisioning of bare metal servers, operating systems, and applications and the application of patches and updates to software. Opsware also sells a similar Network Automation System (from the Rendition Networks acquisition from late 2004) and an Asset Management System (from the acquisition at the end of 2003 of Tangram Enterprise Solutions). Before Opsware wanted to take on servers, networks, and asset management with its script-based management tools, it was a spinout of Internet hosting company Loudcloud, which was founded by Marc Andreesen, the whiz kid programmer behind the Netscape browser and server business that sparked the dot-com boom. Scripting is in Opsware's blood, and it doesn't want to get rid of it. Rather, it wants to make it a centrally controlled process that spans across multiple and often incompatible distributed systems.
Opsware announced its Opsware Server Automation System (release 5.1, and code-named Darwin) in May, and the Global Shell feature the company announced last week for that software at the LinuxWorld trade show in San Francisco takes the command line interface and the use of shells to greater heights.. Just as system monitoring programs have evolved from taking care of a single system to transaction-oriented tools that can span distributed systems and aggregate data, the Global Shell is used to manage scripts that can be run across many different platforms in a distributed fashion, but not only from a single console, but from the shell of choice for the system administrators who take care of Linux, Unix, and Windows servers.
Of course, making a shell that spans these platforms is no easy task, explains Eric Vishria, director of product management at Opsware. But he says his company has done it with Global Shell, which can make a network of systems that are situated in many different locations look as if they are a single system. Not only that, but systems can be grouped in many different ways using Global Shell, which can organize systems by platform, operating system, applications, location, and myriad other ways. System admins using Global Shell don't have to learn anything new--they pick zsh, ksh, tsch, bash or the shell of their choice, and Global Shell virtualizes the systems in the network and makes them look like individual directories in a virtual file system that is backed by the Opsware Data Model. They write their scripts in Perl, Python, Ruby, or whatever floats their boat. The Global Shell allows a script that might, for instance, apply a patch to a Windows box to be run once in the shell and then executed simultaneously on all of the Windows boxes under the control of Opsware's tools. Scripting allows repetitive tasks to be automated, but Global Shell allows scripts to be cascaded and run in parallel, saving a huge amount of time that would otherwise be spent manually poking around the network identifying the machines on which to run the script and then executing them in series by copying and pasting between shells.
But that may not be the main benefit of Global Shell. Vishria says the company has been showing prototypes of the Global Shell to customers since it introduced the Darwin release, and while system administrators get excited about how it can cut down the time for certain tasks from dozens of hours to minutes, IT managers like the central auditing and control aspects of the Global Shell. As most people know, sysadmins are cowboys. They sometimes use Telnet, even if that is not secure. They access systems over NFS without SSL encryption. They simplify user names and passwords--often using the same one on many systems--and they usually share passwords among many different people. So people using Secure Shell to bop between machines to run scripts can't be tracked or traced. There is no audit trail, and in a compliance-crazed world, you have to show who accessed what system when and how. "Management gets very excited about this auditability that comes with Global Shell and the ability to shut down all other methods of access to the systems in the network," says Vishria.
Global Shell is a feature of the Opsware Server Automation System, and it cannot be acquired separately. Server Automation System costs $1,200 per server for a typical configuration. Customers who already have the Opsware code will get Global Shell as part of their maintenance contracts.