Installation
- Integrated into 2007 R2
- New pre-req checker for WS-Management 1.1
- Unix/Linux agents are copied to the OpsMgr server
Configuration
- Import management packs for the OS’s you use.
- Limitation in the beta: the profile user account can only support 1 user in OpsMgr 2007 – Fixed in R2. This account uses SSH for discovery and 1 diagnostic. Monitoring is done through WS-Management. You can limit this account to certain hosts to prevent crack attempts with unauthenticated health service installations. This can even be filtered to objects or groups or classes in the OpsMgr database.
- Create Run As Accounts
- Create profiles
Discovery Wizard
- Built on OpsMgr discovery framework
- Fully integrated – choose between windows, Unix/Linux and network devices.
- The discovery is moved inR2 into the Administration space of the console. This was done to hide functionality from the operators.
- For Unix we can search by IP, DNS name or IP range. SSH is required on the box for this discovery otherwise it fails. SSH not used if an agent already exists.
- There is functionality to allow for SSH via low privilege user and SU to root – tick box and an extra password.
- Now we import the management packs – downloaded from the catalogue (when published).
What Can We Do Now?
- We can monitor Application/Service, hardware, operating system (including daemons) and heartbeat.
- Note only 6 daemons are monitored by default because every Unix/Linux box is different. Bespoke discovery available.
- Heartbeat: alert if machine down, DNS name changes or agent cert expires.
- Discovers logical disks, NIC’s, processors, etc.
- Monitors health, performance, utilisation, availability, etc.
- Seems identical to Windows monitoring on the face of it. Completely integrated.
- Knowledge is integrated in the MP. The CPE team has Unix/Linux background and they hired real *nix administrators.
- Log file (text search) monitoring: SU usage, root logon failure, critical authentication failures, break-in attempts, SSH authentication failure, successful login to root. Completely extensible beyond this, e.g. you do this or third party.
- New MP templates: log file and service (daemon). You use these to create custom *nix monitoring.
- Rails proved to be a PITA to monitor via text log. A tool MS used to test is included in the rule wizard.
- Using a template you can monitor process or daemons not included in the default set of 6. You have to apply this to a server and maybe a group of servers.
- Daemon checking happens every 5 minutes.
- The fault resolution includes a hyperlink for applying the fix via Tasks; just like Windows.
- If the WS-Man daemon (the "agent") goes offline then it can be restarted via SSH
Reporting
- There are reports.
- If you import reports but they’re not visible then refresh the site.
- Reporting works just like with Windows, i.e. seamless.
How It Works
- This works via a polling mechanism.
- You can customise the polling times for different systems.
- The providers on the monitored box filter events and then share with the polling management server.
- The unofficial scalability: 200 Unix per management server was the aim. They hit 600 before optimising the code. No application management packs in that test.
Beta
- Out now.
- New one in a couple of weeks.
Application Monitoring
- MS are not writing Oracle management packs, MySQL, etc.
- MS leaving this to partners or vendors.
- Authoring of management packs is the same as with Windows.
- Discovery, scripting and data extraction is dependant on the application/OS.
- Partners: Novell for SUSE – Samba, DNS, DHCP, etc. Xandros – (lots of stuff including TomCat, MySQL, DB2, Sendmail, Oracle, Websphere and Apache. Also building some Windows ones too).
Notes
- MS Serious about this. 2 people 18months ago. 37 now.
- Note: F5 has management packs.
- OpsMgr 2007 R2 RTM in Q2 2009 with CPE.