[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Automated solutions for a small ISP

Igor Wawrzyniak wrote:

I work for a small Internet provider. I'm getting tired of
entering the same information in many places (e.g., new client's
IP into DHCP, DNS and /etc/ethers). I'd like to have a system
which automates such tasks (OK, I've got a few scripts, but that's
not enough). I have a few ideas - could you comment them?

No problem...

Idea 1) Write a system which keeps the hosts information (and in
  future   - user information) in some kind of a database (file, MySQL
  or LDAP, probably I'll choose MySQL) and generates configuration
  files. Advantages: easy to implement. Disadvantages: limited use.

This is what I use. Only limited by programming skills (and time to code) ;-). We use two replicating mysql servers, some perl scripts (configuration agents for apache), and a web interface in PHP. This came with an extra bonus - as I store the custoer's id in most tables, I built a customer self-service portal on top of what I had in only a few hours :-). We also use freeradius, postfix, courier-imap and mydns, which authenticate/read their data directly from mysql, so we only need to generate apache's config files. Apache virtual host accounting is done through a perl script parsing mod_watch's output, so there's no need to parse those n GB of access_log every night... Works like a charm, but is non-free (since my boss was paying me, eventually).

Idea 2) Install a full-blown ISP managemant system, probably based on
  LDAP - for example the one described here:
  Advantages: it fully automates many mundane tasks, scales very
  well, has a web interface that can be used by not-so-technical
  personnel. Disadvantages: hard to implement, such a complicated
  system can screw up the system in more ways then I can imagine,
  security hole in this system could cause a total breakdown.

Or maybe there's another system I can use? Preferably something
modular, so that I can LDAPize some things (it doesn't really need
to be LDAP, but I feel it is the future) and keep good old
config files for other stuff? Maybe it'll be better to write
my own system (Idea 1), but with scalability in mind - that way
I will know what it does and it will minimize the risk of screwing
the system up?

Best regards

Seems I have done (2) in mysql, and I don't regret it. IMHO there's too much relational data in such a system to implement it with a LDAP backend. After all, mysql has replication, too.


Reply to: