1 / 43

UNIX and Linux Management with System Center 2012

UNIX and Linux Management with System Center 2012. Barry Shilmover Senior Program Manager Microsoft Corporation. Session Objectives and Takeaways. Session Objective(s): UNIX/Linux management capabilities in OpsMgr 2012 UNIX/Linux management capabilities in ConfigMgr2012.

zelia
Download Presentation

UNIX and Linux Management with System Center 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. UNIX and Linux Management with System Center 2012 Barry Shilmover Senior Program Manager Microsoft Corporation

  2. Session Objectives and Takeaways • Session Objective(s): • UNIX/Linux management capabilities in OpsMgr 2012 • UNIX/Linux management capabilities in ConfigMgr2012

  3. Why UNIX/Linux? Windows only 14% • It’s a heterogeneous world out there! • 86% of large IT orgs have mixture of Windows, UNIX, and Linux 86% Heterogeneous

  4. Increasing Heterogeneous Momentum 2008 2009 2010 2011 2012 • Develop UNIX/Linux in OpsMgr 2007 • Ship UNIX/Linux in OpsMgr 2007 • Ship VMware support in SC VMM • Acquire Opalis • Enhance UNIX/Linux in OpsMgr 2012 • Develop Xen support in SC VMM • Integrate Opalis into SC • DevelopUNIX/Linux in ConfigMgr • Develop JEE in OpsMgr • Ship UNIX/Linux in OpsMgr 2012 • Ship Xen support in SC VMM • Ship Opalis as SC Orchestrator • Develop UNIX/Linux in ConfigMgr • Ship JEE in OpsMgr 2012 • Start next wave of development • Start next wave of development • Start next wave of development

  5. Operations Manager 2012

  6. Who’s Using UNIX/Linux in OpsMgr? • 3000+ customers (nearly 20% of all OpsMgr customers) are managing UNIX/Linux in addition to Windows • Managed UNIX/Linux node count ranges from just a few to 15,000 • Linux leads, but all three UNIX flavors as well

  7. Supported Operating Systems • Version Support • New versions of operating systems supported within 180 days of release • Old versions supported as long as vendor provides support

  8. Architectural Overview Config Service Config Service OpsMgr Management Server OpsMgr Management Server SDK SDK Health Service ssh protocol OM channel WS-Man protocol Health Service OpsMgr agent for UNIX/Linux (OpenPegasus CIMOM Server + providers) Managed Windows Computer MP MP Managed UNIX/Linux Computer MP MP MP MP OpsMgr agent for Windows

  9. UNIX/Linux Architecture Details Managed UNIX/LinuxComputer OpsMgrManagementServer Config Service ssh client library Agent Maintenance Actions ssh connection sshd SDK Port 1270 WS-Man request WinRM client library OpsMgr agent for UNIX/Linux (OpenPegasus CIMOM Server + providers) HTTPS transport Health Service HTTPS transport WS-Man response MP MP MP WinRM = Windows Remote Management WS-Man = Web Service Management protocol sshd = standard UNIX/Linux secure shell daemon

  10. UNIX/Linux Architecture Implications

  11. High Availability Implications  Admin creates Resource Pool and copies certificates using scxcertconfig.exe Management Server fails Resource Pool with two MS’s Config Service Config Service SDK SDK  Pool selects one of its members to discover and monitor the UNIX/Linux computer Health Service Health Service Pool selects another member to monitor the UNIX/Linux computer Admin selects a Resource Pool to discover and monitor the UNIX/Linux computer OpsMgr agent for UNIX/Linux (OpenPegasus CIMOM Server + providers) MP MP MP MP  UNIX/Linux computer has no Management Server state and is not aware of the change MP MP UNIX/Linux Computer

  12. Operations Manager UNIX/Linux Demo

  13. Communication Overhead • Management Server must get WS-Man query results each time a monitor/rule fires • Multiple monitors/rules can be satisfied by a single WS-Man network query via “cookdown” • Works across management packs • Intervals must match • Example: 10 File Systems * 12 standard monitors/rules = 120 monitors/rules All cookdown to a single WS-Man query to the agent, per interval

  14. Topology Implications • Recommendation: Put UNIX/Linux computers on a dedicated Management Server pool • Scale by adding Management Servers to pool • Gateways can be used to cross firewall boundaries • Configure gateways in a pool for high availability

  15. OpsMgr Access to UNIX/Linux Computers • Based on RunAs Profiles and RunAs Accounts • An administrator sets up RunAs Accounts, including passwords, that are stored in OpsMgr database • Associates an Account with each of three Profiles listed below • Other operators can initiate actions without knowing passwords

  16. OpsMgr Access to UNIX/Linux Computers (“sudo” is similar to Windows “RunAs” command; sudo = “Do as SuperUser”)

  17. Privilege Elevation Architecture  Linux Admin ensures sudo is set up on unprivileged account MP rule fires Config Service OpsMgr agent for UNIX/Linux OpsMgr Management Server Managed UNIX/Linux Computer SDK sudo Privileged Action Health Service  Connect to OpsMgr agent using username & password (unprivileged)  Linux username & password are retrieved  Invoke sudo to get privileges, then perform the privileged action MP MP OpsMgr Database  OpsMgr Admin creates RunAs Account using info from Linux Admin MP RunAs Profile RunAs Acct RunAs Acct RunAs Acct

  18. Powershell Cmdlets • UNIX/Linux specific cmdlets for: • Agent maintenance operations • Manage UNIX/Linux RunAs Accounts • Agent maintenance cmdlets allow scripting and background operation • Discovery and agent install • Agent upgrade • Delete computer from OpsMgr • Agent uninstall

  19. Extensibility • New template in OpsMgr 2012 for UNIX/Linux command line • Create rule or monitor based on shell script or other UNIX/Linux commands (perl, …) • Similar capabilities to script template for Windows • Process/service monitoring template improvements • Distinguished based on arguments, not just process name • Monitor for min/max process instance count • Log file monitoring template improvements

  20. Configuration Manager 2012

  21. Why add UNIX/Linux support to ConfigMgr? • Enterprises have heterogeneous environments • IT Admins prefer a single solution to manage clients and servers • IT Managers’ concerns around security and compliance - want a single view, consolidated reports • Customer Sales bids frequently require cross platform support • Evolution of Microsoft strategy to embrace heterogeneous platforms (started with OpsMgrsupport for UNIX/Linux)

  22. Planned OS Platforms Supported 23 Platforms supported at RTW Solaris Version 11(x86 and SPARC) Version 10 (x86 & SPARC*) Version 9 (SPARC) SUSE Linux Enterprise Server Version 11 (x86 & x64) Version 10 (x86 & x64) Version 9 (x86) • AIX • Version 7.1 (Power) • Version 6.1 (Power) • Version 5.3 (Power) • HP-UX • Version 11iv3 (IA64 & PA-RISC) • Version 11iv2 (IA64 & PA-RISC) • Red Hat Enterprise Linux • Version 6 (x86 & x64) • Version 5 (x86 & x64)* • Version 4 (x86 & x64) * CTP Support for 3 Platforms

  23. ConfigMgr for UNIX/Linux - Schedule

  24. Core Functionality for UNIX/Linux • Hardware Inventory • Software Distribution • Software Inventory

  25. Architecture Overview – Agent for UNIX/Linux Existing ConfigMgr 2012 or SP1 ConfigMgr Addon for UNIX/Linux New component common to all UNIX/Linux New component - OS specific Built-in OS functionality Native ConfigMgr communication with Agent Agent for UNIX/Linux Equivalent of ccmexec.exe in Windows CIMOM Server Equivalent of the WMI service in Windows Provider 1 Provider 2 Provider 3 Equivalent of WMI providers in Windows PAL OS Resources

  26. Hardware Inventory - Scenarios • View UNIX/Linux Hardware Inventory using Resource Explorer • Create Collections (query based) of UNIX/Linux computers based on HW Inventory properties • Create Advertisements that can target Collections of UNIX/Linux computers • Generate consolidated reports based on HW Inventory • Define new CIM classes and create custom providers • Extend existing CIM classes/properties

  27. Hardware Inventory - Implementation • Implementing a CIMOM Server (in place of WMI) • UNIX/Linux CIM Classes are mapped to existing WMI Classes • One-to-one mapping of existing class properties • Initially only implementing the core subset of UNIX/Linux applicable classes and properties • Support for UI configured Inventory of Classes/Properties (instead of editing SMS_Def.mof) • Full Inventory and Deltas are supported

  28. Hardware Inventory - Extensibility • CIMOM server is fully extensible • Custom providers implement classes beyond what MS provides out-of-box • APIs and tools will be public • New providers must be installed on each computer Agent for UNIX/Linux CIMOM Server Provider 1 Provider 2 Provider 3 Custom Provider PAL OS Resources

  29. Software Distribution - Scenarios • Deploy software to UNIX/Linux servers • Deploy patches/updates to installed software • Remove/uninstall software • Deploy UNIX/Linux OS patches • Run arbitrary maintenance scripts on UNIX/Linux servers

  30. Software Distribution - Implementation • Create a package/program for Classic Software Dist • Specify application package in UNIX/Linux format (e.g. pkg, rpm or tarball) • Specify UNIX/Linux installation script to execute • Package gets replicated on the DPs • Advertise to a Collection that contains UNIX/Linux computers • UNIX/Linux Agents transfer content from DP using HTTP/HTTPS • UNIX/Linux computers typically don’t support SMB connections and UNC paths • Network bandwidth throttling is supported • Installation occurs during maintenance windows • Status message sent back - just like Windows

  31. Scenario Walkthrough SWD – Package (PKG/RPM)+ Program (Install Script) SWD – Package (MSI) + Program Site Server & Site DB IT Admin Admin UI • UNIX/Linux additions dovetail with: • Existing ConfigMgr Console and UI • Existing Hardware Infrastructure • Existing Management Paradigms UNIX/Linux Advertisement Advertisement DP MP Status Msg Download Pkg (HTTP only) Policy Status Msg Policy Download Pkg (SMB or HTTP) Install during maintenance window Install during maintenance window

  32. Software Inventory - Scenarios • View native installed UNIX/Linux software (pkgs/rpms) under ARP using Resource Explorer • Collect software inventory by specifying file name format and directory structure to search under

  33. Features that will not be implemented  Supported  Will NOT be Supported

  34. © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related