From Fedora Project Wiki

< Features

Revision as of 13:12, 11 February 2013 by Jreznik (talk | contribs) (Feature has been announced on devel-announce mailing list on 2013-01-31)

System Configuration Shell

Summary

The System Configuration Shell System provides an easy to use interactive command line interface with a standardized syntax to manage your system.

Owner

Current status

  • Targeted release: Fedora 19
  • Last updated: 2013-01-08
  • Percentage of completion: 00%

Detailed Description

Network Administrators love their very powerful switch/router/firewall/etc. CLI which can be used for all administrative tasks in a very structured and well documented way. Compare that to classical Linux System Administration which is a mix of editing configuration files using different formats and executing commands & scripts with a heterogeneous syntax. The System Configuration Shell will provide an interactive command line interface using the python-configshell framework with a standardized syntax to manage your system. It consists of the command configsh which starts an interactive shell and can also be used in shell scripts and the command config for one-shot configuration commands (e.g. config hostname www.fedoraproject.org which not only executes hostname www.fedoraproject.org but also changes several configuration files to make the new hostname permanent).

The System Configuration Shell will facilitate the Linux System administrators daily work. Since every command is logged (in a verbose mode even showing the exact system commands and scripts executed), each administrator can decide him/herself if he/she feels comfortable using standard parts (or local extensions) the System Configuration Shell. The approach is similar to the OpenWrt UCI Command Line Utility or the Vyatta vbash but using a different approach.

To get an idea how a python-configshell based CLI looks like watch Andy Grovers targetcli screencast series. The following very simple and incomplete example-shell uses libuser, hdparm and some well known system commands to change e.g. user entries and show disk properties. The same ls/change commands could also get a Kerberos ticket and execute ldapsearch/ldapmodify commands showing the power of this approach.

# configsh

> cd /system/users (use TAB completion!)
> show
...
quantum:x:164:164:OpenStack Quantum Daemons:/var/lib/quantum:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
memcached:x:992:990:Memcached daemon:/run/memcached:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
openvpn:x:991:989:OpenVPN:/etc/openvpn:/sbin/nologin
lightdm:x:990:988::/var/log/lightdm:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin

/system/users> cd tom (use TAB completion!)
/system/users/tom> change shell=/bin/bash home=/home/tom (overloading "set" seems more natural!)

> cd /system/hardware/partitions/sda (use TAB completion!)
/system/hardware/partitions/sda> ls  (uses hdparm)

/dev/sda:
SG_IO: bad/missing sense data, sb[]:  70 00 05 00 00 00 00 0a 00 00 00 00 20 00
                                      00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

ATA device, with non-removable media
Standards:
        Likely used: 1
Configuration:
        Logical         max     current
        cylinders       0       0
        heads           0       0
        sectors/track   0       0
        --
        Logical/Physical Sector size:           512 bytes
        device size with M = 1024*1024:           0 MBytes
        device size with M = 1000*1000:           0 MBytes
        cache/buffer size  = unknown
Capabilities:
        IORDY not likely
        Cannot perform double-word IO
        R/W multiple sector transfer: not supported
        DMA: not supported
        PIO: pio0

/system/hardware/partitions/sda> benchmark  (also uses hdparm)

/dev/sda:
 Timing buffered disk reads: 1594 MB in  3.00 seconds = 638.11 MB/sec

Benefit to Fedora

  • Fedora will have a better, more user friendly interactive system management utility.
  • The System Configuration Shell also represents a single point of information without forcing users to use multiple tools.
  • Basic configuration changes can be done with standardized commands while experienced administrators can still tweak their systems by other means or even integrate their own scripts into the System Configuration Shell.
  • Higher level configuration tools like Puppet, Chef, Juju, etc. can use the same underlying configuration commands.
  • Education material for new Fedora users can use standardized commands with a homogeneous syntax instead of mixing configuration file changes and CLI tools (similar to documentation for switches, routers, firewall and other embedded devices).
  • Many hand written CLIs (e.g. virsh, smartctl), setup tools (e.g. ipa-server-install), test scripts could be replaced by System Configuration Shell modules

Scope

The basic work (i.e. python-configshell) for the System Configuration Shell has already been done according to a design described in the smarter CLI paper and is also beeing used in the targetcli. The next step consists of writing some Python meta classes to minimize repetitive coding of shell wrappers, define simple uses cases and implement initial objects in the configuration hierarchy. The Unified Configuration Interface (UCI) Command Line Utility of the OpenWrt project, the Vyatta vBash (check e.g. the Vyatta Quick Start Guide), Augeas and any commercial switch/router/firewall CLI are good starting points for networking related objects.

A simple configuration shell example using python-configshell, libuser and hdparm can be found here.

The System Configuration Shell does not affect other parts of the distribution since it is just wrapper code. The different modules of the System Configuration Shell can be loaded on demand (e.g. import user) and configured according to the administrators preference (using ~/.configsh/configshrc, /etc/configshrc or CLI commands implicitely using these configuration files). The scope of this feature will be extended step by step and should start with very useful but simple commands (e.g. setting hostnames permanently, defining bonds whithout editing /etc/sysconfig/network-scripts/ifcfg-* scripts, etc.):

  • User/Group/Password/SSH Key management (system/users, /system/groups)
  • Hardware related information (/system/hardware/ using lspci, lsusb, lsscsi, etc. )
  • Storage management using System Storage Manager and targetd
  • Simple Network related configuration (hostname, IP adresses, routing, bonds, VLANs, traffic shaping, bridges/openvswitch, DCBX, IEEE 802.1Qbg, ARP tables, etc.)
  • Network services (NTP, LLDP, DHCP, DNS, SNMP, SSH, FTP, TFTP, FreeIPA, HTTP, etc.)
  • System services in general using systemctl (/system/services)
  • Package management using yum and other RPM tools (/system/software)
  • Print management (printers, print jobs, etc,) using CUPS, lp* and SNMP-based tools
  • Virtualization management (using a user friendly wrapper around libvirt potentially replacing virsh)
  • Cloud management (e.g. a user friendly wrapper around OpenStack CLI tools)
  • Application management
  • Backup/Restore management
  • and much more...

In the initial versions the different submodules will work separately, but the real value of the System Configuration Shell will become clearer by integrating several subsystems in a transparent fashion using user friendly and interactive domain specific languages.

How To Test

A detailed test plan depends on the modules beeing implemented in the System Configuration Shell and will be worked out accordingly. Each CLI command needs to implement a test case and if possible a rollback (undo) command so testing can be easily automated. Many other Fedora test plans could use extensions of the System Configuration Shell for testing.

User Experience

  • Administrators and users will be able to manage their Fedora systems more easily and reliably with the System Configuration Shell.
  • Different tools will be integrated into a single place with a similar CLI syntax.
  • Familier commands like ls, get, set and show used in different contexts will be much more powerful than in the past (a simple ls could show the result of an LDAP search against a FreeIPA server!)
  • The Configuration objects are structured in a hierarchical fassion but are also accessible globably if this is appropriate (e.g. show pci and also cd /system/hardware/pci; show)
  • Administrators can integrate their own scripts into the System Configuration Shell and make it even more powerful.

Dependencies

The core package depends on python-configshell, the different submodules on the subsystems they are a wrapping.

Contingency Plan

No plan needed. If this feature is not ready, it can simply be dropped.

Documentation

  • Each CLI command must include a __doc__ string which documents it's usage including all subcommands, parameters, etc.
  • The general philosophy behind the System Configuration Shell is documented in the smarter CLI paper.
  • A best practice document needs to be produced when the shell has sufficiently rich semantics.

Release Notes

  • Fedora 19 includes the first version of the System Configuration Shell which provides an easy to use interactive command line interface to manage your system.

Comments and Discussion