Isode's core business is messaging and directory servers. Isode products are designed for service oriented environments, such as ISPs, military, government and aviation. These are environments where there are stringent management requirements. This white paper sets out the approaches that Isode takes to address management requirements.
Isode's Two Management Dictums
Isode's management approach is driven by operational environments that often deal with many servers and have requirements for a high quality managed service. There are two architectural approaches which affect much of the management of Isode's server products:
- Do management client/server.
- Use the directory to store configuration information.
This paper will explain the thinking behind these approaches, and show how they are applied to Isode's products to deliver flexible high end management functionality.
The Two Types of Server Management
There have been many attempts to classify management functionality. Isode looks at management functions in two broad categories:
- Configuration Management. This comprises the creation and modification of routing, user information, setting server options.
- Operational Management. This is monitoring, controlling and analyzing the operational systems.
System configuration is generally stable, although will usually be updated in line with operational requirements.
Isode's Client/Server Architecture
The above picture illustrates what Isode means by client/server management. There are several key elements to this, which might not all be included in other client/server management architectures:
- Monitoring, control and other functions are accessed by a management protocol communicating with the managed server.
- Client authentication, to allow control of accessible functionality.
- Client side access to the management function is provided by an (Isode) API. Isode's management APIs are usually C, with Tcl and in some cases Java bindings.
- Management tools, built over the underlying APIs.
The following sections show how this architecture is applied. For most operational management functions, it can be used directly. It will be seen that for other functions, things get more complex.
What you can do with a Client/Server Management Architecture
Client/Server management can be used for many things including:
- Starting and stopping servers.
- Examining message queues, status and delays.
- Viewing messages, in queue, archive or quarantine.
- Viewing message envelope or content.
- Log access, searching and monitoring.
- Deleting and rerouting messages.
Providing an API, means that multiple management (client) tools can access the same underlying functionality. Different types of management tool may be build over the underlying API, which include:
- High end point and click GUIs. These are suitable for operators and system managers performing complex functions and/or using the tool on a regular basis. Isode's MConsole, illustrated below, is a good example of such a tool.
- Web Interfaces. These are good for some basic management tasks. Building (web client) portable Web interfaces onto complex management functionality, in a way that operators like to use is very difficult.
- Command line interfaces. Managers sometimes control systems over very slow links, and (even in 2004) command line tools can be very useful.
- Scripting interfaces. A GUI is an excellent way to do something once or twice, but problematic if many similar systems are being set up, or to handle large volumes.
Benefits of Client/Server Management
The previous sections have set out what Isode means by client/server management. This section considers why this is a good thing. There are two common approaches to server management:
- Management on the machine console, typically with a custom GUI. This can be very inconvenient, where a server is in an awkward or remote location. With client/server, you can choose to run the client on the server machine, even where you don't have to.
- Web management. This is a client server approach, and works well for some things. Isode's client/server allows for Web management, but also allows other client interfaces (GUI, command line) to be used, where these are more appropriate.
The key benefits of Isode's approach to client/server management:
- Management functions can be performed remotely, which is often convenient.
- The load of some costly management functions is not taken by the managed server.
- The API allows tools with appropriate user experiences (Web, GUI, command line, scripting) to be available.
- The API allows for non-Isode management tools to be developed. This might be customer developed scripts for bulk operations, or third party tools that can manage the Isode products, such as Sentra from Insider Technologies.
Monitoring and SNMP
SNMP (Simple Network Management Protocol) is widely used for network monitoring, and is supported by Isode products according to the Internet Standard MADMAN (Mail and Directory Management) MIB (Management Information Base). This is a specific example of Client/Server management, and gives many of the benefits described above. It is achieved by supporting SNMP directly in the Isode servers, which is complementary to the management protocols used by the Isode products as a component of the management architecture described above.
Configuration Management and Directory
Isode's approach to storing and managing configuration of the Isode products is to store this information in the directory. This gives a number of advantages:
- Enables an enterprise wide view. The integrated approach to configuration management enables operation of a messaging service to take a coherent enterprise view, as opposed to working to manage a set of servers and dealing individually with the configuration of each server.
- Redundant information elimination. The directory based configuration enables information to be shared between servers reducing redundancy and management overhead.
- Client/Server management. Use of directory enables secure client/server management of the configuration, which makes it straightforward to manage the configuration from any location.
- Directory access control allows flexible configuration of administrator access to and update of configuration information.
Holding configuration information in the directory is an extension of Isode's basic client/server management approach. Information in the directory is managed with a client/server approach (using a directory access protocol), and gives all of the basic advantages of client/server management described previously. However, the configuration information is held in the directory and not in the managed application, which gives a second level of client server interaction, where the application acts as a directory client.
This paper has explained Isode's approach to client/server management, including directory. It shows the significant advantages and flexibility of Isode's architecture.