Exploring the openATTIC unified storage manager
Managing Volumes and Grabbing Snapshots
The Volume Management screen (Figure 2) oversees storage volumes and other resources: If you want the openATTIC machine to use a volume for a specific purpose, such as an NFS export (Figure 3) or a Samba share, you first need to create the volume. In the same menu, you will find the snapshot function, which lets you create snapshots of storage devices and volumes. A special treat: OpenATTIC also supports ZFS. If you rely on iSCSI in your network, you can also use the web interface to create iSCSI LUNs, which you can then integrate as local disks on the target servers.
In a mature IT setup, access to storage is desired not only at block level, but also via the various network file protocols, such as NFS or Samba. Often these network file protocols and services are distributed across various servers on the network and not centrally manageable.
Although openATTIC promises to put an end to this chaos, it succeeds only in part: The environment actually installs all the necessary components, such as NFS, FTP, and Samba server, and you can manage all these tools wonderfully via the Shares web interface menu. A previously created volume, for example, which is available as a local disk, can thus be shared quickly through NFS.
The same applies to Samba shares. If the admin has performed the appropriate steps in the web interface, setting up a Samba share for access by a Windows client is easy.
In view of these features, the quality of openATTIC is very impressive; in the lab, I really were able to create and use all the volumes as promised. On the other hand, openATTIC is deficient in situations where additional complex configuration is required; for example, the web interface still has no way to support Samba talking to LDAP.
System Management and HA
The fact that openATTIC is not only for storage management is clearly evidenced by the additional features available in the web interface. In essence, openATTIC is nearly comprehensive as a tool for system administration. For example, you can edit the system's network interface cards via the web interface. In Online Update, openATTIC provides a graphical update manager that calls Aptitude in the background. OpenATTIC automatically discovers which packages are upgradable on a regular basis; you only need to trigger this action.
The developers have also considered one other essential requirement of storage systems: high availability. In openATTIC, you can implement HA via the
Peers function: For a full HA configuration, you initially need to build two openATTIC systems, each with its own API key. In the web interface, below Peers, you can then connect the two entities. If the
openattic-module-drbd package is installed, you can proceed to set up replication.
If successful, openATTIC with Distributed Replicated Block Device (DRBD) ensures that the individual openATTIC machines always keep their data in sync. The nasty thing is that the mandatory set of HA programs, comprising Pacemaker and Corosync, cannot be configured via the web interface in openATTIC, but requires the use of additional software such as the Linux Cluster Management Console (LCMC) .
Given the fact that the implementation of a comprehensive GUI for Linux HA is extremely complicated, it is forgivable for openATTIC not to offer this feature at this early stage. It would be preferable for openATTIC to automatically integrate DRBD into an existing cluster manager.
OpenATTIC is promising, but in its current state, it still runs admins through a roller coaster of emotions. On one hand, the goal of providing a management front end for various storage technologies to put an end to the storage jungle is actually quite successful. After the installation, the environment is a complete management suite for any type of storage; it thus reduces the hassle of working with the many different protocols.
The fact that several openATTIC instances can connect with each other via the free API, and can also be incorporated into a high availability solution, is quite impressive. However, the installation is difficult, and an obscure shell script does not inspire confidence; to make matters worse, openATTIC currently only works reliably on Debian Wheezy.
Most likely, the choice of distribution is largely due to the personal preferences of the openATTIC developers. According to statements by Steffen Rieger, who manages openATTIC development at IT Novum, Wheezy really is the recommended distribution. But therein lies the rub: The market position that openATTIC currently adopts is not very meaningful. SUSE and Red Hat each have their own storage appliances that offer feature sets similar to openATTIC. If the project wants to compete with these solutions, it is inexcusable not to have pre-built packages for all enterprise distributions. But, if openATTIC wants to be an independent storage appliance that can be installed from a CD, the question arises as to why the project does not provide a matching image.
The openATTIC storage solution is fantastic and offers many benefits. But, unless it adds an Enterprise finish, the project will remain hidden to the many decision makers focused on enterprise-readiness.
Buy this article as PDF
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.