Slashdot Mirror
Talk To a Successful Free Software Project Leader
Nagios (formerly known as NetSaint) is a GPL network monitor software project that's been getting a lot of buzz lately among *Nix sysadmins. Nagios is unquestionably a free software success story even if it's not as high profile as Apache or Linux. Ethan Galstad leads the project. Perhaps he can tell us why Nagios has done so well, so that other free software projects can enjoy similar success. Usual Slashdot interview rules; post your question below, we'll email 10 of the highest-moderated questions to Ethan about 24 hours after this post appears, and publish his answers soon after he gets them back to us.
What would you say the biggest challenge you have faced is, and how did you handle it?
It's easy to stand out when the general level of competence is so low.
Nagios® is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. It has been designed to run under the Linux operating system, but works fine under most *NIX variants as well. The monitoring daemon runs intermittent checks on hosts and services you specify using external "plugins" which return status information to Nagios. When problems are encountered, the daemon can send notifications out to administrative contacts in a variety of different ways (email, instant message, SMS, etc.). Current status information, historical logs, and reports can all be accessed via a web browser.
Does that mean it can predict when a Windows system tries to use my network before the enduser gets a bluescreen? Woah; that's impressive.
You can't judge a book by the way it wears its hair.
what's the WORST security practice/vunerability/annoyance that's come out in the pasy year?
How does your product compare with similar commercial solutions?
It seems that most open source projects rely heavily on word-of-mouth and perhaps a few announcement sites, like Freshmeat, that have geek-appeal. But with open source trying to break into the mainstream, what do you think open source projects should do to effectively market themselves to non-geeks?
NetSaint was such a cool name.. why change it to Nagios.. just doesn't have the same ring.
No todo lo que es oro brilla
Nagios is an outstanding project, not only in terms of its success but, also in terms of its power and broad scope. Looking at Nagios today it is increasingly apparent that its functionality is starting to approach that of HP OpenView and CA Unicenter TNG.
My twofold question is, what has determined Nagios direction thus far? Was it modeled after OpenView and TNG or something else? Also, where is Nagios going in the future, will it continue to develop the features of OpenView and TNG or is it going somewhere else?
That is how do you know your're doing the right thing and how do you know you're doing it the right way to the right conclusion?
Your monitor appears to use a model where it
/db1 is over 90% full
polls a pre-defined list of conditions. In other
words, if there are 28 things that could go
wrong, there are 28 pre-defined items that
change color from green to yellow, to red.
In my experience, an event based model, where
monitors determine the problem and severity,
works better. The central event manager would
just receive the events and handle display and
notification.
Can your product handle this sort of model ?
For example, could I write a monitor that watched
a database log file, and have it send events
like this ?
severity category host message
high database myhost database memory shortage
medium os myhost fs
How can the sucess of geeky sysadmin software be translated into open source projects aimed at a wider audience? Put simply, can the open source model work beyond nerdy sysadmin widgets and spill into the world of mass-appeal software?
You like your Macintosh better than me, don't you Dave? Dave? Can you hear me Dave?
Was there a make or break moment when it could have all ended? If so what pulled the project back on track?
I'm sure people often send you feedback about your software. What I would like to know is if you have any feedback that stands out. Mainly what is the most unusual/unique use someone has had for netsaint that you have heard of?
Since your software is so successful, have you thought about charging money for it?
I've been using Netsaint for a couple of years now and its a really nice monitor package - pretty easy learning curve with the well commented config files, easy to extend if you want to write a little perl or C, and best of all it understands hierarchy - if you lose a major link in your network instead of complaining about all of the hosts on the other side of the outage, it just reports the link failure and warns that the other nodes are unreachable.
I have to agree with the others that have posted - why drop a perfectly good (and recognized) name like Netsaint for something we can't even pronounce?
I am very easy to get along with, but I don't have time to waste being nice to people who are being stupid. -Theo
of a "click through" EULA.Simply becoming aware of the existence of the contract brings it into full force. A full audit is performed at the end of the contract period to determine compliance.
Holy Lawyer may well, in a humorous fashion, be considered an oxymoron. In reality such things exist. Who do you think prosocuted the accused during the inquisition? The more socially acceptable "Unholy" lawyer is a real entity as well. The term "Devil's Advocate" is no metaphorical construct as most people seem to believe. This is the official term applied to the
"defense counsul" of the church accused.
KFG
at my summer job.
There are several free services that do that. As for writing a report, just modify one of the cgi scripts to include your company name and junk and add a wget command to the cron script.
use it like this:
%wget http://flame.dnsart.com/index.php -O report.html
--12:36:21-- http://flame.dnsart.com/index.php
=> `report.html'
Resolving flame... done.
Connecting to flame[192.168.1.1]:3128... connected.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html] 45.34M/s
12:36:22 (45.34 MB/s) - `report.html' saved [47540]
I have a proxy server, and downloaded the startpage for my site, but the usage will be similar for your script. I also had to remove 'junk characters'; damn you lameness filter! Be sure to stream output to null so your daemon doesn't email you weekly.
I might be writing some php scripts to monitor uptime; email me if you would like a copy when they are complete.
You can't judge a book by the way it wears its hair.
If a company came along and asked to market a version of Nagios that includes unpublished changes to the codebase, what would your response be? For example, would you:
.doc filters and database functions, then you pay for that.
A. give them a relicensed version that allows them to do whatever they want to it.
B. incorporate any changes they may want on your own and make sure the changes make their way to the GPL codebase.
C. tell them to get bent.
D. make proprietary changes that you leave out of the GPL codebase in order to sell those changes yourself or to other potential clients
E. Some combination of the above.
F. Some other direction I didn't think of
I feel that making proprietary changes to GPL code that you keep (at least temporarily) proprietary is a great business model for certain projects, possibly the best model for certain things. Some projects that come to mind are things like i-tree.org's Secure iXplorer, which has a GPL "lite" version which only supports ssh/scp and a "full" version that also supports sftp. OpenOffice.org and Star Office seem to be of the same ilk... If you need the extra functionallity of Star Office, such as the better
I'm also curious if you have been approached by anyone for this sort of thing.
put the what in the where?
Did Netsaint/Nagios start small, i.e. just a small shell script that was doing some minimal network testing, or was it designed from the ground up as a massive network tester to replace such overpriced products as NP OpenView, etc?
I know there was a serious code revision between Netsaint 0.0.7 and Nagios 1.0, which was phenomenal, btw, great job. But after using Netsaint (I still call it that, old habits die hard) for almost 2 full years now, I've always been very impressed with how well everything runs and scales.
"See, we plan ahead! That way, we never have to do anything now."
Goodbye NetSaint! We'll miss you!
You can't judge a book by the way it wears its hair.
I an running Nagios and having a major problem with one of the plugins that is severe enough to make me throw out the software if I can't get it working.
I've asked on the two nagios mailing lists and received no answer. How do I, working for a major corporation, promote this software package if there's nobody that can help me fix it? Where do I look for support for a free product?
I assume there is a long list of "features" which your users and program staff have come up with for desired future components. How do you prioritize those in the development queue? Is there any method at all? Squeaky wheel? Most requests? Interest of particular developers? Donations with particular requests?
Nagios' present event handling performs a prescribed action based on a state change in a monitored service, this is an excellent feature that pushes Nagios beyond a simple monitoring application into a true management application. In CA Unicenter, event handling goes a step further, allowing you to configure any action based on ANY message that appears in the event log. This in my opinion, is one of Unicenter's strongest features, though there are many.
Will Nagios be implementing similar event handling functionality or will using utilities such as Swatch remain necessary? And if Nagios will not gain this flexibility, why would you feel that this functionality is unnecessary?
We often see jokes posted on here such as:
1) License product under GPL
2) ???
3) Profit!
What is #2 for you, or more generally, how do you support your project financially? What do you see as the most sustainable model for supporting Free Software?
This isn't really a question for the author so please don't mod this up.
Does this software scale to monitoring thousands of servers? The only other reasonably mature open monitoring solution I investigated is mon, and it wasn't close to scaling to an environment of any size.
One of the biggest problems with GNU projects is getting other people to help you out with your code. The code may be freely available, but that doesn't that people will freely code your project. At what point does a GNU project turn from one person coding his/her work, to several/many people working regularly on the project?
Zodiac Survey
What are your thoughts on arm-chair project leads? How do you deal with maintaining the hierarchy when such a person starts challenging your decisions?
It's been a long time.
I am a project manager for several open source projects and have had a great deal of trouble finding developers that will actually help with development. How do you find reliable developers that make a real contribution to your project?
My intranet hosts a number of web applications for internal use. Netsaint is one of those, and it has been a fantastic asset for us.
Other handy web apps we love include Mantis (bug tracker), CVSWeb and Chora, phpMyAdmin, phpPgAdmin, SquirrelMail and so on. There are lots of great web apps out there these days that can provide web based access to some cool functionality.
One major hassle, though, is that every one of them handles authentication and authorization differently. Setting up one login, or hacking them together into some sort of common framework is a giant hassle. Do you have any thoughts on how to get web applications to work well together?
- H
NO, NO, a thousand times NO. Wrong. That is not where "*nix" comes from. Not in the least. That is where johnnie-come-latelies think it is.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Nagios' new stanza-style config files makes the product much easier to set up and maintain than the previous approach; and the documentation is great. It does a good job of warning you about the difficulty of getting your first Nagios instance up and going.
My question for Ethan is this:
Network Monitoring is one of those projects that management considers "vitally important" but for which it allocates no human resources. So you end up with $100K Tivoli setups that sit dormant because nobody has time to pay attention to them or configure them properly.
What is your suggestion for getting past this problem, and how would you sell the PHB's on Nagios along the way?
Hot Damn! It's the Soggy Bottom Boys!
The solution to your quandry would be to fund the development of your project and then release the software under an open source license. However, there are already a few CAD packages that may meet your needs, though the best ones are not open source, just inexpensive.
FREEdraft Free GPL
LinuxCAD $99
ARCAD $900 ($80 Student)
OCTree Free for non-commercial use.
VariCAD $400
Nagios depends on a wide variety of plugins to do its job (in a way, like nessus). To what degree do you find outside developers contributing patches to the main codebase, vs. contributing plugins? Is there a path where developers add plugins, and then "graduate" to core patches? I think I see a similar path in both Linux and Apache, where one might write modules and then get involved in some of the deeper magic- and I wonder if that architectural decision may be a key to the project's long-term success.
What a strange bird is the pelican, his beak can hold more than his belly can.
Have you ever had to deal with any developers who um, had issues? For example, someone who refused to comment their code, or someone who would volunteer to implement a feature and then "not get around to it" which forced the project as a whole to suffer?
If so, how did you deal with those people? Did you ever find yourself forced to burn any bridges as a result of dealing with such people?
I know of at least one large ISP who have bought a commercial, closed source monitoring system. However, this works so badly that the sysadmins have installed Nagios to run alongside it (presumably without official permission). Do you know of any other instances like this, and how do you think it impacts on Nagios usage and development? For instance, is it hard to get people to publish bug fixes and new features if their employers have commited the company's resources to a competing product?
"What I look forward to is continued immaturity followed by death."
Let me focus the rest of my response on GUI development...
The problem I see with many projects like these is that they fail to innovate as much as they copy. If this world was 100% open source, we'd probably see more GUI fragmentation than we could stand. Going from one platform to another would be a very irritating process (more than it already is anyway).
So honestly, without companies like Apple and Microsoft spending millions a year on user interface research, we wouldn't have seen the tremendious WIMP evolution that we have over the past ten years.
In short, without closed source companies spending their own time and money to advance their products, the open-source competition wouldn't be near as advanced.
Go here for teh [sic] funny.
not documented well on the site, last I checked, but the reason is:
It reacts to things professionally:
It keeps track of downtimes. It lets you SCHEDULE downtime (for specific time windows). It has access controls by user. It has limited views by user. It has notification windows per user.
STuff like that. BigBrother doesnt come close. and MRTG has a completely different design goal, as far as I understand it.
nagios is designed to be a cheap man's replacement for full on HP OpenView, in a true 24x7 NOC.
I used to be quite the closed-source advocate, until I started paying more attention to many of the successful open-source projects out there like say Gnome and KDE.
Let me focus the rest of my response on GUI development...
The problem I see with many closed-source projects like these is that they fail to innovate as much as they copy. If this world was 100% open source, we'd probably see more code re-use. Going from one platform to another would be a very easy process (more than it already is).
So honestly, without companies like Apple and Microsoft stealing innovations from open-source authors, we wouldn't have seen the tremendious WIMP evolution that we have over the past ten years.
In short, without open-source projects innovating to advance their products, the closed-source competition wouldn't be near as advanced.
People began using *nix to replace Unix in public, because long ago AT&T owned the trademark Unix and would use legal violence to spank anyone who used that trademark without their permission. In the same way that f**k represents a certain dirty word, people began using *nix to say Unix.
Of course, idiots that came later saw it and assumed it must mean "any unix". Bzzt, wrong.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!