admindoc
1 Introduction
This guide contains detailed information about the Remote Root system, including conditions for using the system and procedures for installation, configuration and operation.
Permission is granted to copy, distribute, transmit, adapt this document, or to make commercial use of it under the terms of the CC BY-SA license, version 3.0.
If you alter, transform, or build upon this document, you may distribute the resulting work only under the same or similar license to this one.
1.1 About the Remote Root system
Remote Root is an enterprise-class central management tool for Linux, which enables centralized configuration management of a large amount of network connected Linux-based computers (hosts) in a modular form.
It is an open source software system relying on operation of traditional operating systems, so it is capable of managing numerous free and commercial Linux distributions or even not Linux-like systems (such as Solaris, HP-UX, FreeBSD, OpenBSD). It can manage every system on which the following functions are available somehow:
identification of the version number of the operating system,
querying of the list of the installed packages,
querying of the version number of a package,
upgrading a specified package to a given version.
Remote Root can distinguish the binaries of the managed system from its own modifications, thus:
it is clear-cut, meets audit requirements,
an update can be easily carried out,
recovery is easy as well (it is a backup solution where there is no need to save the parts of the operating system),
installing a new host or adding an already existing host to the management system (registration, recording its data) can be carried out quickly,
it is an effective solution for managing computers with relatively homogeneous settings.
Remote Root keeps records of the managed hosts. By the help of it the operating status of the managed hosts, the distribution name and version number installed on the hosts, the lists and version number of packages installed on the hosts can be queried and logged continuously with retrospective change-up. Therefore every modification can be traced back and restored. Administrators can view changes in the state of the system in two distinct time, or can compare the state of unrelated hosts too. In addition, wiki integration helps users to keep track of various administrative information (e.g. data given by the administrator – users, telephone number, location, duty; type of the computer).
User interfaces (web-based, CLI interface) are easy to use, they operate separately from the real management functions. Interfaces available from the Internet can be used with encrypted protocols (SSH, HTTPS) after strong authentication.
Management functions (permissions), hosts or groups of hosts can be assigned to authenticated persons or groups of persons, so each person's work can be audited.
Updates can be grouped by type, they can be installed on specific hosts or groups of hosts, automatically, timed or event-linked. Groups of updates can be canceled as well.
1.2 Company information
The Andrews IT Engineering Kft. was established in the middle of 1999 to develop the ALF firewall. Security and reliability were the the two most important goals in the development of the services and systems of the company from the beginning. Our company mainly uses Unix (primarily Linux) systems, we deal with the planning, installation, and maintenance of these. Virtualization is included in our portfolio as we became acquainted with it in our operation. Since 2006 we have been dealing with auditing, training, consultancy and support in this field as a VMware Enterprise Partner.
We put serious emphasis on the continuous improvement of the skills of our developer, system administrator and expert team, therefore our employees participate in professional trainings on a regular basis. The number of engineers employed is continuously increasing, with minimal fluctuation. Our employees continuously monitor the systems they planned and installed, therefore their operation is smooth. Thanks to the security, remote administration and supplementary technologies we have developed, we operate several hundred systems at numerous locations in the world, from the United States to Kazakhstan. The great experience of our engineers is a guarantee of flawless operation of the systems, and the very quick resolution of problems that may incidentally occur.
Our company primarily focuses on the security of the clients. If the client asks for something that is impossible to carry out or unreasonable in security aspects, we find possible alternatives.
Our clients can expect correct, predictable attitude. We don't make promises that we cannot keep, but what we promise, we carry out precisely on all occasions.
2 Conditions for using the system
2.1 Hardware requirements
2.1.1 Remote Root server
Intel Pentium 4 3 GHz or equivalent processor (Intel Core Duo or equivalent is recommended).
At least 2 GB RAM (4 GB RAM is recommended).
Disk space and memory needed depends largely on the number of the managed hosts and the time you keep their data.
2.1.2 Hosts
There are no special requirements for the hosts managed by Remote Root. This is an agent-less system (no special managed node agents are required), but currently a perl installation is required on the managed node.
2.2 Software requirements
2.2.1 Remote Root server
Supported operating systems:
Fedora 17 / 18 / 19
CentOS 6.x / Scientific Linux 6.x / RHEL 6.x
Ubuntu 12.04 LTS
2.2.2 Hosts
Remote Root is theoretically capable of managing any Linux-based computer, but currently the following client hosts are supported:
Fedora 17 / 18 / 19
Centos 6.x / Scientific Linux 6.x / RHEL 6.x
Ubuntu 12.04 LTS / 13.04
Debian 7.0
2.3 Security considerations
The Remote Root server and the database server, the two main part of the Remote Root system, can be installed on the same machine, but according to security reasons it is not recommended really. Instead of it installing the Remote Root server and the database server on a separate machine is more likely recommended. In case of the database server a redundant solution would be the best, because the operation of the Remote Root system is based on the data stored in the database.
