Pro Python System Administration, 2nd Edition

Pro Python System Administration, 2nd Edition

English | 2014 | ISBN: 9781484202180 | 428 Pages | PDF | 11 MB

Pro Python System Administration, Second Edition explains and shows how to apply Python scripting in practice. It will show you how to approach and resolve real-world issues that most system administrators will come across in their careers. This book has been updated using Python 2.7 and Python 3 where appropriate. It also uses various new and relevant open source projects and tools that should now be used in practice.
In this updated edition, you will find several projects in the categories of network administration, web server administration, and monitoring and database management. In each project, the author will define the problem, design the solution, and go through the more interesting implementation steps. Each project is accompanied by the source code of a fully working prototype, which you’ll be able to use immediately or adapt to your requirements and environment.
This book is primarily aimed at experienced system administrators whose day-to-day tasks involve looking after and managing small-to-medium-sized server estates. It will also be beneficial for system administrators who want to learn more about automation and want to apply their Python knowledge to solve various system administration problems. Python developers will also benefit from reading this book, especially if they are involved in developing automation and management tools.


Reading and Collecting Performance Data Using SNMP

High-Level Design Specification

Now that we have some ideas about the functionality of our system, let’s create a simple design, which we’ll use as a guide in the development phase. The basic approach is that each of the requirements we specified earlier should be covered by one or more design decisions. The first requirement is that we need to monitor the network-attached devices, and we need to do so using SNMP. This means that we have to use appropriate Python library that deals with the SNMP objects. The SNMP module is not
included in the default Python installation, so we’ll have to use one of the external modules. I recommend using the PySNMP library (available at, which is readily available on most of the popular Linux distributions.

The perfect candidate for the data store engine is RRDTool (available at The round robin database means that the database is structured in such a way that each “table” has a limited length, and once the limit is reached, the oldest entries are dropped. In fact they are not dropped; the new ones are simply written into their position.

The RRDTool library provides two distinct functionalities: the database service and the graph-generation toolkit. There is no native support for RRD databases in Python, but there is an external library available that provides an interface to the RRDTool library.

Finally, to generate the web page we will use the Jinja2 templating library (available at, or on GitHub:, which lets us create sophisticated templates and decouple the design and development tasks.

We are going to use a simple Windows INI-style configuration file to store the information about the devices we will be monitoring. This information will include details such as the device address, SNMP object reference, and access control details.

The application will be split into two parts: the first part is the information-gathering tool that queries all configured devices and stores the data in the RRDTool database, and the second part is the report generator, which generates the web site structure along with all required images. Both components will be instantiated from the standard UNIX scheduler application, cron. These two scripts will be named snmp-manager.pyand, respectively.

Introduction to SNMP

This approach is rather generic. The protocol defines seven basic commands, of which the most interesting to us are get, get bulk, and response. As you may have guessed, the former two are the commands that the management system issues to the agent, and the latter is a response from the agent software. How does the management system know what to look for? The protocol does not define a way of exchanging this information, and therefore the management system has no way to interrogate the agents to obtain the list of available variables.

The issue is resolved by using a Management Information Base (or MIB). Each device usually has an associated MIB, which describes the structure of the management data on that system. Such a MIB would list in hierarchical order all object identifiers (OIDs) that are available on the managed device. The OID effectively represents a node in the object tree. It contains numerical identifiers of all nodes leading to the current OID starting from the node at the top of the tree. The node IDs are assigned and regulated by the IANA (Internet Assigned Numbers Authority). An organization can apply for an OID node, and when it is assigned it is responsible for managing the OID structure below the allocated node. Figure 1-2 illustrates a portion of the OID tree.

Creating a Web Application for IP Address Accountancy

In this chapter, we will define requirements and application designbefore explaining what technology is going to be used. This way it will be easier for you to understand how to reuse the design phase even if in your own work you will be using different technologies.

Setting out the Requirements

The most important consideration in developing any application is an understanding of exactly what you want from it. Step away from the images of user interfaces you have seen somewhere else, or the functionality of some other (possible similar) application that you may have used in the past. Instead, take a piece of paper and write down in short sentences what you want your application to do.

Our imaginary organization is a rather large enterprise with a reasonably complicated network infrastructure, so it is important to assign and use IP address space effectively. In the past, addresses were recorded in a simple spreadsheet and different teams used different structures to represent the same information. Here, there is no
authority assigning IP address ranges, so effective and clear communication between teams is important. New systems are being introduced while old ones are being decommissioned. Group policy prevents servers from using dynamic IP allocation; only user machines can obtain address information from DHCP. Based on this brief
description, let’s come up with the following list of requirements: