Other Solutions

Other Solutions

PIKT is often compared to Cfengine [3].  In the words of its author, Mark Burgess,

"Cfengine ... is a very high level language for building expert systems which administrate and configure large computer networks. Cfengine uses the idea of classes and a primitive form of intelligence to define and automate the configuration of large systems in the most economical way possible."

In Cfengine, you create a configuration file (or files) describing the ideal setup for all of your hosts.  When run, the cfengine program will check the actual machine configurations against the ideal and, if desired, fix any deviations.

Cfengine and PIKT address generally the same problem but in significantly different ways.  Cfengine is a high-level, declarative or descriptive language (a single statement might set permissions on hundreds of files, for example), while Pikt is a low-level, procedural language.  Cfengine tends to provide specific solutions to specific problems, while PIKT tends to be more general.  Cfengine's specificity (it has built-in support for configuring network interfaces, for example) would be out of place in base PIKT.  (With PIKT, you would write a script to configure the network interface calling the usual UNIX networking commands.)

While Cfengine achieves per-OS and per-machine customization by means of classes, for example,

    FTPserver.Sunday.Hr00::

        /local/iu/xferlog rotate=3

which means to rotate xferlog at midnight Sunday if this system is a FTPserver, PIKT would achieve a similar effect as follows (in the alerts.cfg file):

Notice

    timing      0 0 * * 0
    ...

        alarms
                ...
#if ftpserver
                LogFileChkNotice
#endif
                ...

Cfengine has its own unique keywords, syntax, macro and variable forms, etc. Although Pikt has some unique elements, much of it should be familiar to any Perl or C programmer, especially the idea of preprocessing.  If PIKT has a steep learning curve, Cfengine's is equally steep, if not steeper.

Cfengine tries to anticipate many of your needs, but when you veer off the beaten path, Cfengine is not quite so helpful.  In many situations, you will still need to write your own scripts.  With PIKT, you script everything. This makes PIKT inherently more flexible and applicable to a broader class of applications--not just fixing broken system configurations and executing routine tasks, but also reacting to errant dynamic processes.

Cfengine is quite good at what it is designed to do.  It would be especially useful (and superior to PIKT) for configuring a new system or restoring a system after a crash or cracker break-in.  One really nice Cfengine feature is that ordinary users can invoke it, attempting to fix a broken configuration if the system administrator is unavailable.  (PIKT is typically just for root use.)

In work first presented at the LISA 1999 Conference [4], Alva Couch and Michael Gilfix have

"... created a system administration library that allows one to perform system administration tasks in Prolog.  This is much more powerful and flexible than using other current tools, and has the advantage that the resulting Prolog programs are much closer to describing actual policies than CFEngine configuration files or PIKT scripts."

Perhaps because their comments were based on earlier, less mature versions of PIKT, I feel that they underestimate the power, flexibility, and expressiveness of Pikt scripts, especially the fully documented, macro-enhanced versions found in the central configuration files (as opposed to the preprocessed, uncommented versions installed on the slave systems).

Their Prolog-based approach to systems administration is intriguing and potentially far-reaching, but it suffers from one significant problem: Unless one attains proficiency with Prolog (not a widely used language, to say the least), their system is a "black box," closed to the do-it-yourselfer who demands complete control over, or at least complete understanding of, the system.  In any case, at this time, source code is not yet available for public distribution, so it is hard to evaluate their approach effectively.

There are other systems monitoring packages out there, including: Big Brother [7], and its clone Big Sister [1]; Mon [9]; NetSaint [5]; and still others.  These tend to focus more on performance statistics and problem reporting, less on systems configuration and problem solving.  To their credit, they rely on standard scripting languages, but they don't deal specifically or as extensively with the problem of per-machine and per-OS customization like PIKT, Cfengine, and the Prolog-based library do.

I have no experience using any of the high-octane, very expensive commercial packages (like Tivoli [8] or CA Unicenter TNG [10]) and can't venture any comparisons or opinions about them.

prev page 1st page next page
Home | FAQ | News | Intro | Samples | Tutorial | Reference | Software
Developer's Notes | Licensing | Authors | Pikt-Users | Pikt-Workers | Related Projects | Site Index | Privacy Policy | Contact Us
Page best viewed at 1024x768 or greater.   Page last updated 2017-01-11.   This site is PIKT® powered.
Copyright © 1998-2017 Robert Osterlund. All rights reserved.
Home FAQ News Intro Samples Tutorial Reference Software
PIKT Logo
PIKT Page Title
View sample
named.conf
config file