Slashdot Mirror
Talk To a Successful Free Software Project Leader
Nagios (formerly known as NetSaint) is a GPL network monitor software project that's been getting a lot of buzz lately among *Nix sysadmins. Nagios is unquestionably a free software success story even if it's not as high profile as Apache or Linux. Ethan Galstad leads the project. Perhaps he can tell us why Nagios has done so well, so that other free software projects can enjoy similar success. Usual Slashdot interview rules; post your question below, we'll email 10 of the highest-moderated questions to Ethan about 24 hours after this post appears, and publish his answers soon after he gets them back to us.
What would you say the biggest challenge you have faced is, and how did you handle it?
It's easy to stand out when the general level of competence is so low.
Nagios® is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. It has been designed to run under the Linux operating system, but works fine under most *NIX variants as well. The monitoring daemon runs intermittent checks on hosts and services you specify using external "plugins" which return status information to Nagios. When problems are encountered, the daemon can send notifications out to administrative contacts in a variety of different ways (email, instant message, SMS, etc.). Current status information, historical logs, and reports can all be accessed via a web browser.
Does that mean it can predict when a Windows system tries to use my network before the enduser gets a bluescreen? Woah; that's impressive.
You can't judge a book by the way it wears its hair.
what's the WORST security practice/vunerability/annoyance that's come out in the pasy year?
How does your product compare with similar commercial solutions?
It seems that most open source projects rely heavily on word-of-mouth and perhaps a few announcement sites, like Freshmeat, that have geek-appeal. But with open source trying to break into the mainstream, what do you think open source projects should do to effectively market themselves to non-geeks?
NetSaint was such a cool name.. why change it to Nagios.. just doesn't have the same ring.
No todo lo que es oro brilla
You know, the time that one had to avoid using the trademarked term UNIX has long passed. You won't be getting a note from AT&T's lawyers if you do. I promise.
Oh, and I hear some linux nerd in the crowd shouting, "*Nix" means "any unix-like operating system!". No, it doesn't. Using the term doesn't make you look sophisticated and cool, either.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Nagios is an outstanding project, not only in terms of its success but, also in terms of its power and broad scope. Looking at Nagios today it is increasingly apparent that its functionality is starting to approach that of HP OpenView and CA Unicenter TNG.
My twofold question is, what has determined Nagios direction thus far? Was it modeled after OpenView and TNG or something else? Also, where is Nagios going in the future, will it continue to develop the features of OpenView and TNG or is it going somewhere else?
That is how do you know your're doing the right thing and how do you know you're doing it the right way to the right conclusion?
This site has prven that it is a festering pool of linucks zealots and M$ fanboy trolls
RUN RUN I SAY!
keep your dignity and walk away!
Your monitor appears to use a model where it
/db1 is over 90% full
polls a pre-defined list of conditions. In other
words, if there are 28 things that could go
wrong, there are 28 pre-defined items that
change color from green to yellow, to red.
In my experience, an event based model, where
monitors determine the problem and severity,
works better. The central event manager would
just receive the events and handle display and
notification.
Can your product handle this sort of model ?
For example, could I write a monitor that watched
a database log file, and have it send events
like this ?
severity category host message
high database myhost database memory shortage
medium os myhost fs
What's it like being the only successful Free Software project leader on Earth?
How can the sucess of geeky sysadmin software be translated into open source projects aimed at a wider audience? Put simply, can the open source model work beyond nerdy sysadmin widgets and spill into the world of mass-appeal software?
You like your Macintosh better than me, don't you Dave? Dave? Can you hear me Dave?
It is much easier to get my pets to submit whhen they are in heat.. But I want to know when this is possible
KTHXBIE
Was there a make or break moment when it could have all ended? If so what pulled the project back on track?
I'm sure people often send you feedback about your software. What I would like to know is if you have any feedback that stands out. Mainly what is the most unusual/unique use someone has had for netsaint that you have heard of?
I have no friends but i got Mad 5k1llz
Also, will you be my 1337 freind?
Love
Jason
Since your software is so successful, have you thought about charging money for it?
Do you call it Linux or gnu/Linux?
I call it Linux.
I've been using Netsaint for a couple of years now and its a really nice monitor package - pretty easy learning curve with the well commented config files, easy to extend if you want to write a little perl or C, and best of all it understands hierarchy - if you lose a major link in your network instead of complaining about all of the hosts on the other side of the outage, it just reports the link failure and warns that the other nodes are unreachable.
I have to agree with the others that have posted - why drop a perfectly good (and recognized) name like Netsaint for something we can't even pronounce?
I am very easy to get along with, but I don't have time to waste being nice to people who are being stupid. -Theo
If so, will you give up women now that you are the best lover that you have ever had?
when I go to that http://nagios.org/ site with my galeon 1.2.0 browser (on solaris) it crashes it every single time.. Pretty slick..
Nagios is well-made software. However it's difficult to set up. I'm using Zabbix for network and system monitoring at work. The software keeps under control more than 400 Unix servers, mostly Linux boxes. It has very clean design and works perfectly. What functionality do you plan to introduce in future versions of Nagios to make it more attractive for those who currently uses other Open Source alternatives?
of a "click through" EULA.Simply becoming aware of the existence of the contract brings it into full force. A full audit is performed at the end of the contract period to determine compliance.
Holy Lawyer may well, in a humorous fashion, be considered an oxymoron. In reality such things exist. Who do you think prosocuted the accused during the inquisition? The more socially acceptable "Unholy" lawyer is a real entity as well. The term "Devil's Advocate" is no metaphorical construct as most people seem to believe. This is the official term applied to the
"defense counsul" of the church accused.
KFG
at my summer job.
There are several free services that do that. As for writing a report, just modify one of the cgi scripts to include your company name and junk and add a wget command to the cron script.
use it like this:
%wget http://flame.dnsart.com/index.php -O report.html
--12:36:21-- http://flame.dnsart.com/index.php
=> `report.html'
Resolving flame... done.
Connecting to flame[192.168.1.1]:3128... connected.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html] 45.34M/s
12:36:22 (45.34 MB/s) - `report.html' saved [47540]
I have a proxy server, and downloaded the startpage for my site, but the usage will be similar for your script. I also had to remove 'junk characters'; damn you lameness filter! Be sure to stream output to null so your daemon doesn't email you weekly.
I might be writing some php scripts to monitor uptime; email me if you would like a copy when they are complete.
You can't judge a book by the way it wears its hair.
If a company came along and asked to market a version of Nagios that includes unpublished changes to the codebase, what would your response be? For example, would you:
.doc filters and database functions, then you pay for that.
A. give them a relicensed version that allows them to do whatever they want to it.
B. incorporate any changes they may want on your own and make sure the changes make their way to the GPL codebase.
C. tell them to get bent.
D. make proprietary changes that you leave out of the GPL codebase in order to sell those changes yourself or to other potential clients
E. Some combination of the above.
F. Some other direction I didn't think of
I feel that making proprietary changes to GPL code that you keep (at least temporarily) proprietary is a great business model for certain projects, possibly the best model for certain things. Some projects that come to mind are things like i-tree.org's Secure iXplorer, which has a GPL "lite" version which only supports ssh/scp and a "full" version that also supports sftp. OpenOffice.org and Star Office seem to be of the same ilk... If you need the extra functionallity of Star Office, such as the better
I'm also curious if you have been approached by anyone for this sort of thing.
put the what in the where?
Did Netsaint/Nagios start small, i.e. just a small shell script that was doing some minimal network testing, or was it designed from the ground up as a massive network tester to replace such overpriced products as NP OpenView, etc?
I know there was a serious code revision between Netsaint 0.0.7 and Nagios 1.0, which was phenomenal, btw, great job. But after using Netsaint (I still call it that, old habits die hard) for almost 2 full years now, I've always been very impressed with how well everything runs and scales.
"See, we plan ahead! That way, we never have to do anything now."
Goodbye NetSaint! We'll miss you!
You can't judge a book by the way it wears its hair.
I an running Nagios and having a major problem with one of the plugins that is severe enough to make me throw out the software if I can't get it working.
I've asked on the two nagios mailing lists and received no answer. How do I, working for a major corporation, promote this software package if there's nobody that can help me fix it? Where do I look for support for a free product?
do you ever look beneath you -- at all the hebephrenics, Comic Book Guys, teenage dragon slayers, wise-ass do-nothings and antisocial militants -- and shed a bitter tear over how 90% of the free software movement gives the other 10% a really bad name?
I've always been curious about this.
I assume there is a long list of "features" which your users and program staff have come up with for desired future components. How do you prioritize those in the development queue? Is there any method at all? Squeaky wheel? Most requests? Interest of particular developers? Donations with particular requests?
Nagios' present event handling performs a prescribed action based on a state change in a monitored service, this is an excellent feature that pushes Nagios beyond a simple monitoring application into a true management application. In CA Unicenter, event handling goes a step further, allowing you to configure any action based on ANY message that appears in the event log. This in my opinion, is one of Unicenter's strongest features, though there are many.
Will Nagios be implementing similar event handling functionality or will using utilities such as Swatch remain necessary? And if Nagios will not gain this flexibility, why would you feel that this functionality is unnecessary?
We often see jokes posted on here such as:
1) License product under GPL
2) ???
3) Profit!
What is #2 for you, or more generally, how do you support your project financially? What do you see as the most sustainable model for supporting Free Software?
This isn't really a question for the author so please don't mod this up.
Does this software scale to monitoring thousands of servers? The only other reasonably mature open monitoring solution I investigated is mon, and it wasn't close to scaling to an environment of any size.
I'm an Architect (Buildings, not software), and while I would love to get an open-source project started for my fellow Archiects to offer a AEC CAD package, none of my fellow Architects are programmers.
Most of the successful open-source projects seem to be things that programmers and geeks need; i.e. a Browser, a Web Server, a Net monitor. Because some geeks know how to code, they are able to build these tools for themselves and share them with thier community.
But how can a group of people who's knowlege is NOT in computers hope to have a successful open-source project? I, and none of my peers, know how to program. We could learn, mind you, but most of us don't have the time. However, as poor Architects, we would benifit greatly if there was an open source package available; and we would be able to contribute much in content and knowlege- just not programming.
So how does one solve this catch-22; we Architects are into making an open-source tool for our industry, and even can invision how it should function; but we don't program and most of us are too busy to program much. How can we hit that 'critical mass' that's so important for a open-source project to have?
Thanks
and do the opposite.
Parrot project leadership is an antipattern!
There are many Open Source alternatives around. Big Brother, MRTG, Zabbix comes to mind.
What makes Nagios unique? Thanks.
SourceForge provides lots of statistics about the projects it hosts. Since everyone has their own idea of success, it would probably be pretty pointless to assign a single metric as the definitive measure of success. Nagios has had over 7000 downloads per month since last June. SourceForge page views on the project recently rose logarithmically from 3500 during 10/01 to over 50,000 during 10/02. Dave.
Rank comments and posts against each other at We-Rank.com
One of the biggest problems with GNU projects is getting other people to help you out with your code. The code may be freely available, but that doesn't that people will freely code your project. At what point does a GNU project turn from one person coding his/her work, to several/many people working regularly on the project?
Zodiac Survey
When developing a non-trivial software it's hard to resist the temptation to add a lot of features that will take time to implement and are not necessary central to the software you're building. Given that you do not have the budget limitations of a commercial software ("we won't do this because not enough customers ask for it so it's not worth doing"), how do you decide on which features to include? Is it to do with the popularity of the feature request? Or with the time it takes to implement? Or how central it is? Or something else?
Daniel
Carpe Diem
It's clear that there are different driving forces behind Open Source projects and paid commercial projects.
Open Source projects are driven by people who enjoy coding in their spare time, people who want to contribute something to the community or by people who have a need for a particular piece of software of functionality.
Commercial projects are driven by the need to produce a product on-time and under-budget in order to sell it to make profit.
In your expierience, how similar is managing an Open Source project to a commerical one? What sort of challenges would you face in an Open Source project that you wouldn't come across in a commercial one? Where do the skill sets required for each differ?
What are your thoughts on arm-chair project leads? How do you deal with maintaining the hierarchy when such a person starts challenging your decisions?
It's been a long time.
I am a project manager for several open source projects and have had a great deal of trouble finding developers that will actually help with development. How do you find reliable developers that make a real contribution to your project?
My intranet hosts a number of web applications for internal use. Netsaint is one of those, and it has been a fantastic asset for us.
Other handy web apps we love include Mantis (bug tracker), CVSWeb and Chora, phpMyAdmin, phpPgAdmin, SquirrelMail and so on. There are lots of great web apps out there these days that can provide web based access to some cool functionality.
One major hassle, though, is that every one of them handles authentication and authorization differently. Setting up one login, or hacking them together into some sort of common framework is a giant hassle. Do you have any thoughts on how to get web applications to work well together?
- H
Nagios' new stanza-style config files makes the product much easier to set up and maintain than the previous approach; and the documentation is great. It does a good job of warning you about the difficulty of getting your first Nagios instance up and going.
My question for Ethan is this:
Network Monitoring is one of those projects that management considers "vitally important" but for which it allocates no human resources. So you end up with $100K Tivoli setups that sit dormant because nobody has time to pay attention to them or configure them properly.
What is your suggestion for getting past this problem, and how would you sell the PHB's on Nagios along the way?
Hot Damn! It's the Soggy Bottom Boys!
Nagios depends on a wide variety of plugins to do its job (in a way, like nessus). To what degree do you find outside developers contributing patches to the main codebase, vs. contributing plugins? Is there a path where developers add plugins, and then "graduate" to core patches? I think I see a similar path in both Linux and Apache, where one might write modules and then get involved in some of the deeper magic- and I wonder if that architectural decision may be a key to the project's long-term success.
What a strange bird is the pelican, his beak can hold more than his belly can.
I would like to see enhanced autodiscovery of devices (via an SNMPwalk or what have you), and automatic correlation of this in terms of "neighbors". In addition to this, but along the same lines, better "event correlation". Do you see these things as priorities in the future?
Have you ever had to deal with any developers who um, had issues? For example, someone who refused to comment their code, or someone who would volunteer to implement a feature and then "not get around to it" which forced the project as a whole to suffer?
If so, how did you deal with those people? Did you ever find yourself forced to burn any bridges as a result of dealing with such people?
One of the shortcomings that I always knock up against with netsaint is that I can pretty much monitor anything I want with it. I certain situations though the problem becomes a matter of having many items to drop into a single container. Assume I have a bandwidth threshold check, or a trap container for a device. It is possible for any number of items to be triggered on one device such that we could say a theoretical serial3/1 interface triggers a bandwidth threshold as well as a hssi1/0 on the same router. Sending those results into netsaint results in the last one in wins. Or take a similar example with a device sending traps, the device could send any number of traps corresponding to different interfaces, etc.. Is there any way of incorporating into netsaint/nagios a dynamically sized container such that the last one in doesn't necessarily eliminate the previous result. Is there any way that there could be a framework incorporated into future releases such that perhaps a new argument gets passed to send_nsca which could be an inteface id and if there is an existing interface id matching then it clears or remains the same, or if there isn't a matching id it would resize and add the new one on top of the stack.
I can dream. One thing I must say is that netsaint is a wonderful wonderful piece of software!
Thanks so much.
Brian Seppanen
Minister of Information and Propaganda
Area 54 The Secret Government Disco Labs Provo
I know of at least one large ISP who have bought a commercial, closed source monitoring system. However, this works so badly that the sysadmins have installed Nagios to run alongside it (presumably without official permission). Do you know of any other instances like this, and how do you think it impacts on Nagios usage and development? For instance, is it hard to get people to publish bug fixes and new features if their employers have commited the company's resources to a competing product?
"What I look forward to is continued immaturity followed by death."
Why should anyone give a flying fuck about some cocksucking fat asshat like yourself?
Let me focus the rest of my response on GUI development...
The problem I see with many projects like these is that they fail to innovate as much as they copy. If this world was 100% open source, we'd probably see more GUI fragmentation than we could stand. Going from one platform to another would be a very irritating process (more than it already is anyway).
So honestly, without companies like Apple and Microsoft spending millions a year on user interface research, we wouldn't have seen the tremendious WIMP evolution that we have over the past ten years.
In short, without closed source companies spending their own time and money to advance their products, the open-source competition wouldn't be near as advanced.
Go here for teh [sic] funny.
Hi,
We have a network of over fifty servers all monitored by Nagios and it has served us well.
My question is this:
Your software came with the option of the new "Object" model which you are switching to. When you have over fifty servers each with multiple services this creates a *huge* object file that sysadmins have to create.
I wrote a PHP application just to manage all of these issues and generate the object files from a database I created. The main nagios server connects to the central DB-server PHP page and wgets a fresh object file for it's child servers once each hour or so to facilitate changes. But I digress, my question is "How come no tools like this were released 'with' nagios?" And, would you be interested in my publishing the source for these programs or are you going to change this object file format at a later date?
This is a project I worked on a while ago and honestly have not looked recently but I remember sitting and scratching my head for a while wondering why this had not been implemented with the release.
Thanks for you time.
-Joel De Gan
-directnic.com
anime+manga together at last.. in real time.
Do you make more or less than $ 10,000 a month?
I don't have any - and I didn't take any time to look into who you are before I asked this question. I currently have one project I'm working on which I have released under the GPL and I have several projects more which I intend to do the same thing with (but im holding off till they are a little more finished before I do) - but my projects don't pay the rent, and so althou im looking to use my own code to profit in services in the future, my workload puts me in a situation where i just dont have time to push my "brainchildren".
Mabye it is that your living arangements were fertile soil for NetSaint, or perhaps you were in a position to put all of your-out-of work hours into it? Did an early embrace from the community help give it momentum?
I'm sorry - i dont even know if your the original author or inherited it.
Ah well - back to work
I used to be quite the closed-source advocate, until I started paying more attention to many of the successful open-source projects out there like say Gnome and KDE.
Let me focus the rest of my response on GUI development...
The problem I see with many closed-source projects like these is that they fail to innovate as much as they copy. If this world was 100% open source, we'd probably see more code re-use. Going from one platform to another would be a very easy process (more than it already is).
So honestly, without companies like Apple and Microsoft stealing innovations from open-source authors, we wouldn't have seen the tremendious WIMP evolution that we have over the past ten years.
In short, without open-source projects innovating to advance their products, the closed-source competition wouldn't be near as advanced.
how do you deal with those idiots who want to report bugs? i mean after all, you are giving this software away for free, they should have a little respect.
also what do you do with some idiot who patches a bug that doesnt matter, like if the manual has incorrect instructions? i cant ever be botehred with these idiots to accept their 'patches' as they are morons.