UNIX and Linux Management with System Center 2012

Barry Shilmover

Senior Program Manager

Microsoft Corporation

Session Objectives and Takeaways
  • Session Objective(s):
    • UNIX/Linux management capabilities in OpsMgr 2012
    • UNIX/Linux management capabilities in ConfigMgr 2012

Why UNIX/Linux?
  • It’s a heterogeneous world out there!
    • 86% of large IT orgs have mixture of Windows, UNIX, and Linux

[Chart: Windows only 14%; Heterogeneous 86%]

Increasing Heterogeneous Momentum

[Timeline, 2008 to 2012:]

  • Develop UNIX/Linux in OpsMgr 2007
  • Ship UNIX/Linux in OpsMgr 2007
  • Ship VMware support in SC VMM
  • Acquire Opalis
  • Enhance UNIX/Linux in OpsMgr 2012
  • Develop Xen support in SC VMM
  • Integrate Opalis into SC
  • Develop UNIX/Linux in ConfigMgr
  • Develop JEE in OpsMgr
  • Ship UNIX/Linux in OpsMgr 2012
  • Ship Xen support in SC VMM
  • Ship Opalis as SC Orchestrator
  • Develop UNIX/Linux in ConfigMgr
  • Ship JEE in OpsMgr 2012
  • Start next wave of development
  • Start next wave of development
  • Start next wave of development

Who’s Using UNIX/Linux in OpsMgr?
  • 3000+ customers (nearly 20% of all OpsMgr customers) are managing UNIX/Linux in addition to Windows
  • Managed UNIX/Linux node count ranges from just a few to 15,000
  • Linux leads, but all three UNIX flavors are represented as well

Supported Operating Systems
  • Version Support
  • New versions of operating systems supported within 180 days of release
  • Old versions supported as long as vendor provides support

Architectural Overview

[Diagram: OpsMgr Management Servers (each with Config Service, SDK, Health Service and MPs) manage a Windows computer running the OpsMgr agent for Windows and a UNIX/Linux computer running the OpsMgr agent for UNIX/Linux (OpenPegasus CIMOM server + providers). Channels labelled: OM channel, ssh protocol, WS-Man protocol.]
UNIX/Linux Architecture Details

[Diagram: the OpsMgr Management Server (Config Service, SDK, Health Service, MPs) reaches the managed UNIX/Linux computer over two paths. Its ssh client library opens an ssh connection to sshd for agent maintenance actions. Its WinRM client library sends WS-Man requests over HTTPS transport to port 1270, and the OpsMgr agent for UNIX/Linux (OpenPegasus CIMOM server + providers) returns WS-Man responses.]

WinRM = Windows Remote Management

WS-Man = Web Service Management protocol

sshd = standard UNIX/Linux secure shell daemon

High Availability Implications

  • Admin creates Resource Pool and copies certificates using scxcertconfig.exe
  • Admin selects a Resource Pool to discover and monitor the UNIX/Linux computer
  • Pool selects one of its members to discover and monitor the UNIX/Linux computer
  • Management Server fails
  • Pool selects another member to monitor the UNIX/Linux computer
  • UNIX/Linux computer has no Management Server state and is not aware of the change

[Diagram: Resource Pool with two MS’s (each with Config Service, SDK, Health Service and MPs) monitoring one UNIX/Linux computer that runs the OpsMgr agent for UNIX/Linux (OpenPegasus CIMOM server + providers).]

Communication Overhead
  • Management Server must get WS-Man query results each time a monitor/rule fires
  • Multiple monitors/rules can be satisfied by a single WS-Man network query via “cookdown”
    • Works across management packs
    • Intervals must match
    • Example: 10 File Systems * 12 standard monitors/rules = 120 monitors/rules, all of which cook down to a single WS-Man query to the agent, per interval

Topology Implications
  • Recommendation: Put UNIX/Linux computers on a dedicated Management Server pool
  • Scale by adding Management Servers to pool
  • Gateways can be used to cross firewall boundaries
    • Configure gateways in a pool for high availability

OpsMgr Access to UNIX/Linux Computers
  • Based on RunAs Profiles and RunAs Accounts
    • An administrator sets up RunAs Accounts, including passwords, that are stored in the OpsMgr database
    • The administrator associates an Account with each of the three Profiles listed below
    • Other operators can initiate actions without knowing passwords

OpsMgr Access to UNIX/Linux Computers

(“sudo” is similar to the Windows “RunAs” command; sudo = “Do as SuperUser”)

Privilege Elevation Architecture

  • Linux Admin ensures sudo is set up on unprivileged account
  • OpsMgr Admin creates RunAs Account using info from Linux Admin
  • MP rule fires
  • Linux username & password are retrieved
  • Connect to OpsMgr agent using username & password (unprivileged)
  • Invoke sudo to get privileges, then perform the privileged action

[Diagram: OpsMgr Management Server (Config Service, SDK, Health Service, MPs), the OpsMgr Database holding the RunAs Profile and its RunAs Accounts, and the managed UNIX/Linux computer where the OpsMgr agent for UNIX/Linux uses sudo to run the privileged action.]
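
One way a Linux admin can check the sudo setup that the privilege elevation steps above depend on, as an added example that is not part of the original presentation: the function reports whether the monitoring account's sudoers rule is limited to named commands or grants every command. The account name opsmon, the script paths and the sample sudoers text are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the presentation: classify the sudo rule that the
# unprivileged monitoring account relies on for privilege elevation.
# "opsmon" and the script paths are hypothetical; the samples are constructed.

sample_scoped='Defaults:opsmon !requiretty
opsmon ALL=(root) NOPASSWD: /usr/local/bin/collect-logs.sh, \
    /usr/local/bin/restart-agent.sh'
sample_blanket='opsmon ALL=(ALL) NOPASSWD: ALL'

# audit_sudo_rule ACCOUNT   (sudoers text on stdin)
# Prints "none", "scoped" (explicit command list) or "blanket" (any command).
audit_sudo_rule() {
    awk -v acct="$1" '
        # Join continuation lines that end in a backslash.
        { while (sub(/\\$/, "")) { if ((getline nxt) <= 0) break; $0 = $0 nxt } }
        /^[ \t]*#/ || /^[ \t]*Defaults/ { next }
        $1 == acct {
            found = 1
            spec = $0
            sub(/^[^=]*=/, "", spec)            # drop "user host ="
            sub(/^[ \t]*\([^)]*\)/, "", spec)   # drop the "(runas)" part
            gsub(/[A-Z]+:/, "", spec)           # drop tags such as NOPASSWD:
            n = split(spec, cmds, ",")
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+|[ \t]+$/, "", cmds[i])
                if (cmds[i] == "ALL") blanket = 1
            }
        }
        END { print (!found ? "none" : (blanket ? "blanket" : "scoped")) }
    '
}

printf '%s\n' "$sample_scoped"  | audit_sudo_rule opsmon   # scoped
printf '%s\n' "$sample_blanket" | audit_sudo_rule opsmon   # blanket
```

A "blanket" result means that whoever can use the RunAs Account stored in the OpsMgr database can run any command as root on that host, so a scoped rule is the least-privilege setup.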

PowerShell Cmdlets
  • UNIX/Linux specific cmdlets for:
    • Agent maintenance operations
    • Manage UNIX/Linux RunAs Accounts
  • Agent maintenance cmdlets allow scripting and background operation
    • Discovery and agent install
    • Agent upgrade
    • Delete computer from OpsMgr
    • Agent uninstall

Extensibility
  • New template in OpsMgr 2012 for UNIX/Linux command line
    • Create rule or monitor based on shell script or other UNIX/Linux commands (perl, …)
    • Similar capabilities to script template for Windows
  • Process/service monitoring template improvements
    • Distinguished based on arguments, not just process name
    • Monitor for min/max process instance count
  • Log file monitoring template improvements

Why add UNIX/Linux support to ConfigMgr?

  • Enterprises have heterogeneous environments
  • IT Admins prefer a single solution to manage clients and servers
  • IT Managers’ concerns around security and compliance - want a single view, consolidated reports
  • Customer Sales bids frequently require cross platform support
  • Evolution of Microsoft strategy to embrace heterogeneous platforms (started with OpsMgr support for UNIX/Linux)

Planned OS Platforms Supported

23 Platforms supported at RTW

  • Solaris
    • Version 11 (x86 and SPARC)
    • Version 10 (x86 & SPARC*)
    • Version 9 (SPARC)
  • SUSE Linux Enterprise Server
    • Version 11 (x86 & x64)
    • Version 10 (x86 & x64)
    • Version 9 (x86)
  • AIX
    • Version 7.1 (Power)
    • Version 6.1 (Power)
    • Version 5.3 (Power)
  • HP-UX
    • Version 11iv3 (IA64 & PA-RISC)
    • Version 11iv2 (IA64 & PA-RISC)
  • Red Hat Enterprise Linux
    • Version 6 (x86 & x64)
    • Version 5 (x86 & x64)*
    • Version 4 (x86 & x64)

* CTP Support for 3 Platforms

Core Functionality for UNIX/Linux
  • Hardware Inventory
  • Software Distribution
  • Software Inventory

Architecture Overview – Agent for UNIX/Linux

[Diagram: ConfigMgr with the Addon for UNIX/Linux, labelled "Native ConfigMgr communication with Agent", and the agent's component stack:]

  • Agent for UNIX/Linux: equivalent of ccmexec.exe in Windows
  • CIMOM Server: equivalent of the WMI service in Windows
  • Provider 1, Provider 2, Provider 3: equivalent of WMI providers in Windows
  • PAL
  • OS Resources

Legend: Existing ConfigMgr 2012 or SP1; New component common to all UNIX/Linux; New component - OS specific; Built-in OS functionality

Hardware Inventory - Scenarios
  • View UNIX/Linux Hardware Inventory using Resource Explorer
  • Create Collections (query based) of UNIX/Linux computers based on HW Inventory properties
  • Create Advertisements that can target Collections of UNIX/Linux computers
  • Generate consolidated reports based on HW Inventory
  • Define new CIM classes and create custom providers
  • Extend existing CIM classes/properties

Hardware Inventory - Implementation
  • Implementing a CIMOM Server (in place of WMI)
    • UNIX/Linux CIM Classes are mapped to existing WMI Classes
    • One-to-one mapping of existing class properties
    • Initially only implementing the core subset of UNIX/Linux applicable classes and properties
  • Support for UI configured Inventory of Classes/Properties (instead of editing SMS_Def.mof)
  • Full Inventory and Deltas are supported

Hardware Inventory - Extensibility
  • CIMOM server is fully extensible
    • Custom providers implement classes beyond what MS provides out-of-box
    • APIs and tools will be public
  • New providers must be installed on each computer

[Diagram: Agent for UNIX/Linux containing the CIMOM Server with Provider 1, Provider 2, Provider 3 and a Custom Provider, above the PAL and OS Resources.]

Software Distribution - Scenarios
  • Deploy software to UNIX/Linux servers
  • Deploy patches/updates to installed software
  • Remove/uninstall software
  • Deploy UNIX/Linux OS patches
  • Run arbitrary maintenance scripts on UNIX/Linux servers

Software Distribution - Implementation
  • Create a package/program for Classic Software Dist
    • Specify application package in UNIX/Linux format (e.g. pkg, rpm or tarball)
    • Specify UNIX/Linux installation script to execute
    • Package gets replicated on the DPs
  • Advertise to a Collection that contains UNIX/Linux computers
  • UNIX/Linux Agents transfer content from DP using HTTP/HTTPS
    • UNIX/Linux computers typically don’t support SMB connections and UNC paths
    • Network bandwidth throttling is supported
  • Installation occurs during maintenance windows
  • Status message sent back - just like Windows

Scenario Walkthrough

  • UNIX/Linux additions dovetail with:
    • Existing ConfigMgr Console and UI
    • Existing Hardware Infrastructure
    • Existing Management Paradigms

[Diagram: the IT Admin uses the Admin UI on the Site Server & Site DB to create two software distribution (SWD) jobs: Package (PKG/RPM) + Program (Install Script), and Package (MSI) + Program. Each is advertised to clients, which receive Policy from the MP, download the package from the DP (HTTP only for the UNIX/Linux Advertisement; SMB or HTTP for the other Advertisement), install during the maintenance window, and send a Status Msg back.]

Software Inventory - Scenarios
  • View native installed UNIX/Linux software (pkgs/rpms) under ARP using Resource Explorer
  • Collect software inventory by specifying file name format and directory structure to search under

Features that will not be implemented

Supported

Will NOT be Supported


© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.