Hi,

I'm the lead of the Common Agent Container open-source project. The Common Agent Container (CAC) provides a management daemon designed for JMX and JDMK-based management functionality. CAC accepts modules that extend its existing JMX/JDMK agent with new managed objects, connectors, or more generally, new functionality.

One of the major differentiators for the CAC project is the multi-model, multi-protocol nature of the daemon, its tie-in to platform security models,

and its ability to run using Java SE for full feature-set or Java ME for small footprint.

The Common Agent Container open-source project, licensed under GPLv3 with classpath exception, is:

• A cross-platform Java-based management daemon

• Solaris, Linux, HPUX, Windows; Java SE, Java ME

• supporting standard management models and protocols

• JMX, SNMPv1,v2,v3, RMI, web-services

• and with integrated pluggable security.

• TLS, PAM, RBAC, SBD, auditing

• It is a dynamically extensible container

• Modules can be deployed, undeployed and managed at runtime

• which is simple to develop for and to use.

• Full NetBeans integration for Common Agent Container module developers

• The easy learning curve of JMX

The Common Agent Container is used in a wide range of products from Sun Microsystems

Integrated in Solaris 10, xVM Ops Center, JES MF, DS, PS, N1 System Mgr, Storage Portal, Solaris Basic Registration, ...

Also we have ws-man (JSR 262) support and have developed CIM and WS-CIM but that's not yet released in open-source.

CAC's weakness is also its strength - it's not designed as a dedicated CIM-OM or as a dedicated SNMP agent, it's very flexible and allows the same instrumentation written against JMX APIs to be leveraged by different protocol adaptors, sometimes with a thin mediation layer, sometimes directly as-is.

If you have more detailed info, check out the web-site, and feel free to ask questions!

nick

I'll give you my perspective from NetDirector - and it isn't so much that these agents lack anything (or not at least from my pov) but rather how they do what they do

we actually built the first netdirector agent in C so it would be lightweight and fast. for us, since we always expected netdirector to be deployed in medium to large environments, we were sensitive to the resources that the agent would consume on the managed servers.

But, we found that C really fell down in terms of portability. So, when we wanted to support non-Linux OSes (Solaris in particular), if we stayed with C, we would have basically had to rewrite the whole agent. And from an ongoing mainenance perspective, it seemed really untenable to have a unique agent code for each OS.

So, we decided to go with something higher level. We looked at Java, but decided against it because, one, it wasn't open source at the time, and so we worried how much we could customize it, and 2, it was too resource intensive. So we went with Python, which was a good compromise - a little bigger than the C agent, but not much and all the portability we wanted. It's worked really well, and we actually have it running on WIndows in the lab, which is cool.

Fast forward to today. Java is open source. I am stil a little concerned about its "fatness," but the benefit of not having to maintain our own agent, and the prospect of total ubiquity if Java was selected as (and suitable for) a common agent could persuade me.

I am a little surprised about Erik's comment regarding Cigar being needed in order for Hyperic's agent to support different OSes, since I was under the impression that Java was portable...So, I'm interested in learning more about this.

When it comes to making the kind of low-level system calls necessary for systems management tasks, Java is far from ideal. Honestly, I don't think any language is going to be a panacea here. That said, I'm wondering if anyone has consider using C along with a high portable runtime library like APR? You would still need to write OS-specific portions of the code, but appropriate abstractions should make that not too unmanageable.

All,

I tossed together a quick spreadsheet that I thought might serve as a starting point for evaluating some of the options.

You can find it here: http://spreadsheets.google.com/ccc?key=pKdnOssmUJpxbsu_Xw3X-Ng

/me stands up and waves.

Hi. I'm one of the Func guys.

If any of you are interested in Func, I'd invite you to stop by https://fedorahosted.org/func and join the mailing list and IRC channel. Feel free to bring up whatever topics you like, and we're there for Q&A too.

I was on the OMC lists a while back -- and yes, I definitely agree that there is potential in this sort of thing and would love to see it happen. I too originally came from a Java/CIM world, have experience with both, and believe that (especially for a certain class of admins and FOSS developers), alternatives are great to have and are in some ways easier to build a community of admin/developers around.

If you have questions, or have ideas on how to move this forward, please let us know... preferably on the list, as I may forget to check back here -- though I'll try to remember

One of the obvious concerns are "do I have to use Python?" and/or Fedora/RHEL... thankfully, no. We do have some guys who have gotten Func running on Debian, SuSE, and FreeBSD... Windows is presumably doable... and someone has written a small Perl module that allows for calling Func minions. As those ports evolve, keeping those in tree, and maintained by the people who are interested in them is important... Minion modules do have to be written in Python presently, though there's nothing saying they can't in turn call other plugins and so forth... for instance NagIOS plugins are just stdin/stdout based and there's a simple module there already (too simple perhaps) for being able to hook into those.

As time goes on, I see the modules evolving and increasing in number... what's there now is really just a start and it's all pretty much changeable. Patches and other involvement is absolutely welcome. We're really concerned about making a framework that is extremely easy to contribute to, easy to understand, but also offers a secure communications channel that allows things to be audited and controlled in useful ways -- being able to schedule asychronous jobs, address servers in globs ("mailservers*.example.com") and so forth. If there are any features that seem to be missing (for instance, we don't have minion 2 minion communication implemented yet), please bring it up on the list or maybe contribute a patch. I think there are a lot of different places we could take this.

I look forward to seeing what can happen with this.