200 likes | 219 Views
Manage configuration files on multiple servers from a central repository. Control access, distribution, monitoring, and more. Ensure integrity, security, and ease of management.
E N D
Sysgem File Synchronizer(SFiS) Manage configuration files on multiple target serversfrom definitions held in a central repository A Sysgem Enterprise Manager (SEM) Module
SFiS Central Repository • The SFiS central repository has a definition of: • the name / location of the target files • the data that is stored in the target files • shell scripts to be invoked before/after an update of the data on the target systems • importantly, it also distinguishes between common data and target-specific data
What it does… 1. Source File Mgt. • GUI to create and edit files • ‘Source’ files plus ‘Include’ files • Held in a central repository • Control access (for security & delegation) • Full auditing • Encrypted storage
What it does… 2. File Distribution • Display target server & file lists • Show differences between Source / target files • ‘Drill down’ to see differences • Indicate required updates • Filter & select exceptions • One-click updates to the target configuration files
What it does… 3. Monitoring & Reporting • Take HTML / spreadsheet reports • Automatically monitor target files • Alarm inconsistencies • Report changes via e-mail • ‘Set & Forget’ Solution • Monitor 100’s of servers
What it does… 4. Configuration Management • Run pre / post Shell scripts • One source file per target file for 100’s of servers • Typical files: • /etc/crontab • /etc/hosts • /etc/sudoers … • Or, use with any text file • Use a simple Meta-language to define variations between servers
What it does… 5. Access Control & Audit Trail • Control access to: • nominated servers • Nominated files (target & source) • Script commands • Menu options … for nominated administrators • Full audit logging • Browse / analyse / report on audit logs
What it does… 6. Control Integrity • Conform to central policies • Log authentic changes • Detect unauthorized changes • Automated alarms • Audit history browser
Target Files Compare contents Central File On Distributed Servers Display Differences Compare & report…
Target Files Synchronize contents Central File Distributed Servers Show Update Results Update & Deploy…
Predictability … View which data / shell commands apply to individual servers and not others View which data & shell commands apply to individual servers and not to others
Typical Configuration FilesManaged by Sysgem File Synchronizer: • /etc/sudoers • /etc/hosts • /usr/openv/netbackup/bp.conf (Configuration file for netbackup) • /etc/crontab • /etc/sysctl.conf • /etc/group • /etc/shells • /etc/services • Scripts (with the “I” clause you can distribute scripts --- shell, Perl, etc)
Key Benefits • Ease of Configuration Management: • Control Configuration files from one central point • Convenient and easy distribution of updates • Check status and look for exceptions for the entire network in a single display window • Increased Integrity & Increased Security : • Automatic monitoring resulting in alarms when corporate policies not being adhered to • Audit trail • Reduced Effort: • Delegate with fine granularity of privileges • Ease of Creating of Reports
########################################### # # This is a Demo File # # It is held on server: # # DemoLinux1 # # IP Address: # # 192.168.213.5 # # Port: # # 7251 # # Color Code: # # Blue # ########################################### ########################################### # # This is a Demo File # # It is held on server: # # DemoLinux2 # # IP Address: # # 192.168.213.7 # # Port: # # 7251 # # Color Code: # # Red # ########################################### Demonstration - target file content: DemoLinux1 DemoLinux2
Demonstration - source file content: “T” = Title for source file T FileSync Demo - B1 # # Target Files: # F DemoLinux1 /tmp/FileSync/FileSync-Demo-B.txt F DemoLinux2 /tmp/FileSync/FileSync-Demo-B.txt A ++ D ########################################### D # D # This is a Demo File D # D # It is held on server: D # D # {{SRVNAME}} D # D # IP Address: D # D # {{IPADDRESS}} D # D # Port: D # D # {{PORT}} D # D # Color Code: D # D # {{COLOR}} D # D ########################################### “F” = target “File” name (One central source file, target files on multiple servers) “A ++” = Apply the following data items to *all* connected agents Variables for expansion at run time. “D” = Data items
Managed Agents on Target Systems Authorization Server Management Console (Windows GUI) SEMInstalledComponents
ManagedServers Administrators & Scripts Registered at Proxy Server SSH ProxyServer AuthorizationServer GUI Additional Security with SEM Proxy Servers…