Newsletter:3/Zenoss Goes to School
Zenoss Goes to School
In each newsletter we like to spotlight ZenPacks from the talented members of our community. This issue we’re expanding this feature to give some background on our featured ZenPack creator Andrew Crouthamel (AKA Crouthamela).
Crouthamel offers a unique bridge between Zenoss Core and Zenoss Commercial (AKA Zenoss Service Dynamics or ZSD).He started using Zenoss Core back in 2009 while working at an MSP for small pharmacies. Several months ago Crouthamel started working at Temple University,which uses ZSD to monitor its vast infrastructure.
Open Source To the Core
Crouthamel has always been supportive of open source and community-based projects and has participated in Linux-based open source software projects for over 13 years. The MSP where Crouthamel worked back in 2009 sold anything “with a plug,” from the servers and firewalls to the software running all the stuff behind the scenes. Andrew worked on the MSP’s Level 2 and 3 support teams, trying to come up with ways to make life easier for his team members.
His first step was to choose Zenoss Core as the MSP’s monitoring solution. Why did he choose Zenoss Core over other open source alternatives like Cacti and Nagios? “Zenoss Core had the best interface to get something set up quick. It was a lot smoother and nicer than the others,” Crouthamel says.
Crouthamel also liked how easily ZenPacks allowed him to extend Zenoss Core’s usability and soon wrote his first one, SonicWALL, during that period. This ZenPack, which is compatible with 3.x versions of Zenoss Core, along with 4.2.x versions, provides users with the capability of monitoring and graphing CPU, memory, and number of connections for SonicWALL devices.
“Almost every customer had one of these SonicWALL firewalls, and there really wasn’t any good information or packages for monitoring the specific things in SonicWALL because they use their own OID, and you have to go in there and dig out the details you want. So I made the SonicWALL ZenPack to track CPU usage and the number of connections to the firewall and other things you’d care about if someone was getting attacked,” Crouthamel explains.
Biggest Differences Between Zenoss Core and ZSD (AKA Zenoss Commercial)
Temple University was already using ZSD when Crouthamel started working there. Although the Core and Commercial share the same code base, ZSD offers more scalability than Core can. “Here, we monitor almost 5,000 devices, as well as additional collectors and a split front-end UI. And we have 12 servers that run different services of Zenoss here, which is quite impressive,” Crouthamel says.
Furthermore, ZSD provides its customers with a 24/7/365 support team that can handle the most confounding problems. A few weeks ago, Crouthamel was working on some transforms and accidentally entered the wrong character in one of them. “It had a “$” sign init, and I didn’t notice, so the transform was blowing up, missing events, and backing up the queue—as well as creating events telling us the queue was getting backed up!” says Crouthamel.
Within several hours, Crouthamelhad about 2 million events backed up in his queue, and Crouthamel was concerned that something in the system would,as he put it, “Blow up.” The Zenoss support team was able to ramp up the number of [workers, also a Zenoss Commercial item – note: unsure what he meant here...] on the problem, and let it churn through that mess over the weekend. Not only did it deal with the hundreds of thousands of events that come in every days, it was also able to churn through those several million events over a single weekend. Crouthamel has the graph to prove this should anyone doubt him.
No Zenoss Without the Zenoss Core Community
Because Crouthamel has alwaysgotten involved with the community with any major product he has used, hisinvolvement with the Zenoss Core Community has increased, rather than decreasedwhen he started using Zenoss Commercial at Temple. “Really I can’t imagine using Zenoss without the community,”Crouthamel affirms.
Since he started monitoringTemple’s infrastructure, Crouthamel has installed dozens of Community-builtZenPacks and has spent lots of time on the Zenoss IRC channel, where “tons” ofcommunity members have helped him out. Moreover, the creativity of theCommunity has enabled him to easily find solutions to specific issues withouthaving to bother ZSD’s support team to help him out.
For example, Temple uses an SNPPpaging feature that ZSD removed a while back. Thanks to the Community,Crouthamel found a great Community patch by doing a quick search on theCommunity forums. Crouthamel would love to see other ZSD customers get involvedwith the Core Community as well. “They would be able to learn off of what theCommunity knows and vice versa. Even from Zenoss Commercial to ZenossCommercial, we'd be sharing things, which would be great as well,” Crouthamelsays.
In addition to writing ZenPacks,Crouthamel documents things he is learning about Zenoss and sharing thatinformation with the Community. When he creates ZenPacks, he likes to write upthe information for himself “through a bunch of little Notepad-type garbage onmy side, then format it, and fit it in nicely on the new Zenoss Wiki,” saysCrouthamel. “So I wanted to create actual content for the Community that wasn’ta tweak or rehash of what was already there. I wanted to start submittingsomething useful for people in the Community.” Crouthamel claims his knowledgeis still fairly limited, but he figured his documentation would be useful atleast for some people.
Andrew Crouthamel’s Featured ZenPacks
Because of his experience usingZenoss Core, Crouthamel finds it easier to whip up new scripts, rather than gothrough the back and forth with ZSD support. “It just seemed faster at the timefor me to work on it for a day or two and get myself used to figuring out someof these systems I might not have used before. I’d rather have [ZSD support]figure out actual problems on my system while I work on whatever features Ineed,” Crouthamel says.
Crouthamel shares his ZenPackswith the Community as a way to give back for all the help the Community hasgiven him over the years. “There is nothing proprietary [in these ZenPacks],and so it was second nature to share them and engage the community with whatI’ve learned that can help them,” he says.
According to Crouthamel, hisZenPacks fill holes for things that he’s needed to monitor in some fashion andare pretty simple to use. “I figured I’d share whatever limited knowledge Iknow, and hopefully, mine are simple enough for other people to look into ifthey know some Bash and mess with them,” he says.
In addition to SonicWALL, Andrewhas contributed three other ZenPacks to the community (with more to come, hesays). BasicPing is a simple ZenPack Crouthamel created when he was taskedwith switching over the way Temple handles its pings in 4.x. “We moved over tousing an nmap-based ping system, so BasicPing just uses the proper functions inZenoss to do the more efficient method of pinging something and provide a nicesimple [monitoring template]. We use it for all of our systems.
The PacketFence ZenPack lets users monitor Daily Guest Registrations (arunning total per-day) and Guest Registration Rate of five-minute pollingintervals when using the PacketFence FOSS NAC solution and createsa monitoring template to visualize this data. Crouthamel originally developedthis ZenPack to track guest registration rates. “We recently had a newpresident inaugurated here at Temple, and a great number of guests wantedwireless access. We needed to track that carefully to make sure ourregistration portals were not getting overloaded,” he explains. “When youconnect to our SSID, you're greeted with a PacketFence interface. Once youauthenticate and get access to our secret secure Wi-Fi, [the PacketFenceZenPack] tracks how many people are registering to that guest portal,”Crouthamel explains.
Lastly, the FreeRADIUS ZenPack tracks data off the popular FreeRADIUS server tocheck for major spikes or lulls in traffic that can help admins diagnose anissue. Like the PacketFence ZenPack, the FreeRADIUS ZenPack monitors and graphsFreeRADIUS metrics like Total Access, Authentication, and Accounting, alongwith the per five-minute polling interval for each one.
Says Crouthamel: “Pretty mucheverything here at Temple communicates back to FreeRADIUS in some fashion forauthentication, so we have quite a number of servers that run it.”