MDC-B202: Running and Managing Linux and UNIX

splattersquadSecurity

Nov 16, 2013 (3 years and 8 months ago)


Cross-platform from the metal up

Offer robust Linux/UNIX capabilities across WSSC & Azure products

Traditional: Windows, Linux, UNIX
Virtualized: Windows, Linux, UNIX
Private Cloud: Windows, Linux
Public Cloud: Windows, Linux

Product support matrix
Columns: Linux (Red Hat, SUSE, CentOS, Ubuntu, Debian, Oracle); UNIX (AIX, HP-UX, Solaris)
Rows (text entries as shown):
- Operations Manager
- Configuration Manager
- Endpoint Protection: No Plans
- Virtual Machine Manager: Future, Future
- Hyper-V: Future, Future
- Azure IaaS: Future, Future, Future

LIS for Hyper-V (diagram): Microsoft developers; Customer servers w/Hyper-V; MS download center; Customer installs LIS; Linux kernel main; Linux community; Distro vendors; Linux distro w/LIS

Support issues flow in reverse direction

Distro | Version | LIS Availability
Red Hat Enterprise Linux | 5.7, 5.8, 6.0-6.3 | Download LIS from Microsoft
Red Hat Enterprise Linux | 5.9, 6.4 | LIS built-in and certified by Red Hat
SUSE Linux Enterprise Server | 11 SP2 | LIS built-in
CentOS | 5.7, 5.8, 6.0-6.3 | Download LIS from Microsoft
CentOS | 5.9, 6.4 | LIS built-in
Ubuntu Server | 12.04, 12.10, 13.04 | LIS built-in
Debian | 7.0 | LIS built-in

Timeline, 2008 to 2013 (each item: Initial development, then Shipping):
- Linux/UNIX in OpsMgr
- JEE in OpsMgr
- Linux/UNIX in ConfigMgr
- Linux in VMM
- Linux Endpoint Protection in ConfigMgr
- Linux in DPM


Operations Manager: Monitor operations
- Monitor OS health & performance
- Monitor log files
- Monitor JEE app servers
- Monitor line-of-business applications
- Monitor databases and web servers
- Audit security events

Configuration Manager: Deploy software
- Inventory hardware
- Inventory installed applications
- Create collections based on inventory
- Distribute and install software
- Report on inventory and software distribution
- Endpoint Protection (anti-virus)

Virtual Machine Manager: Manage a private cloud
- Personalize OS instances when deploying
- Use service templates for multi-tier deployments
- Scale out using service templates
- Live migrate across Hyper-V hosts



VMM deployment of a Linux VM (diagram)
Components: VMM Server; Library Server; VHD with Linux OS; Hyper-V host; VMM host agent; Agent files; Linux guest agent; Linux Integrations; .xml; HW config; OS config
Steps shown:
- VMM server generates Linux specialization doc
- VMM Server creates ISO with specialization doc and Linux agent, and sends to host agent
- Host agent creates VM from Linux VHD and mounts ISO in the virtual DVD drive
- Host agent starts VM
- Agent does specialization using doc from DVD, then exits and shuts down VM
- After boot, agent checks for new version on DVD and installs

Feature (column: In 2012 SP1)
- Hardware Inventory
- Inventory of Installed Software (like Add/Remove Progs)
- Software Deployment
- Secure and authenticated communications
- Integrated Reporting
- Push Install of Native Client
- OS Deployment with OS native tools
- User Centric Software Installation
- Desired Configuration Management (DCM)
- Remote Control
- Internet-Based Client Management (IBCM)

ConfigMgr client for Linux/UNIX (diagram)
Components: ConfigMgr server roles; Client for Linux/UNIX; CIM Server (OMI); Provider 1, Provider 2, Provider 3; PAL; OS Resources
Annotations:
- Equivalent of ccmexec.exe in Windows
- Equivalent of the WMI service in Windows
- Equivalent of WMI providers in Windows
- New component common to all Linux/UNIX
- New component - OS specific
- Built-in OS functionality
- Existing ConfigMgr 2012 SP1
Normal ConfigMgr MP & DP communication: Request, Response

View Linux/UNIX hardware inventory for a single computer using Resource Explorer

View installed software (like Add/Remove Programs)

Create collections of computers based on HW Inventory properties

Run reports that aggregate inventory data across Windows and Linux/UNIX computers

http://omi.opengrup.org

Deploy applications

Deploy patches/updates to installed applications

Deploy Linux/UNIX OS patches

Run arbitrary maintenance scripts

Software distribution (diagram): IT Admin; Admin UI; Site Server & Site DB; MP; DP

WINDOWS CLIENTS
- SWD: Package (MSI/??) + Program
- Advertisement
- Policy
- Download Pkg (SMB or HTTP)
- Install during maintenance window
- Status Msg

UNIX/LINUX SERVERS
- SWD: Package (PKG/RPM/??) + Program (command line)
- Linux/UNIX Advertisement
- Policy
- Download Pkg (HTTP/S only)
- Install during maintenance window
- Status Msg

Linux/UNIX additions dovetail with:
- Existing ConfigMgr Console and UI
- Existing Hardware Infrastructure
- Existing Management Paradigms

Core operating system health and performance monitoring

Diagnostics & Recoveries with Knowledge articles

MP Templates for custom monitors/tasks

Reports for Linux/UNIX computers

Audit Collection Service

Centralized agent admin via UI and PowerShell

OpsMgr Management Server: Health Service; MP, MP, MP; Config Service; SDK; ssh client library; WinRM client library
Managed Linux/UNIX Computer: sshd; OpsMgr agent for Linux/UNIX (OpenPegasus CIM Server + providers) / (OMI CIM Server + providers)
ssh connection: Agent Maintenance Actions
HTTPS transport, Port 1270: WS-Man request, WS-Man response

WinRM = Windows Remote Management
WS-Man = Web Service Management protocol
sshd = Linux/UNIX secure shell daemon

Health and performance monitoring in Microsoft’s Linux/UNIX management packs: CPU, Memory, Disk, Network, Processes, Logfiles

Custom LogFile Monitoring
- Monitor any logfile
- Specify regular expression to match against
- Target a single computer or group of computers

Service Monitoring
- Monitor by name any service, daemon or process
- Distinguish duplicate names with regex filter on process arguments
- Specify minimum and maximum counts
- Target a single computer or group of computers

Command line rules and monitors
- Run any shell command line to determine health or performance
- Target a single computer or group of computers

OpsMgr Management Pack Catalog
http://pinpoint.microsoft.com/en-US/category.aspx?catid=1&fpf=700004

Representative partners:

Partner | Management Packs
Bridgeways | Oracle, DB2, Apache HTTP Server, others
NiCE | Oracle, DB2, Domino, BlackBerry Enterprise Server (BES)
Quest Software | Wide variety of operating systems and middleware
E-View | AS/400
Veeam | VMware ESX

Monitor top four JEE application servers

Foundation for Java apps as 1st-class citizens

Tomcat: 5.5, 6.0, 7
JBoss: 4.2, 5.1, 6
WebSphere: 6.1, 7.0
WebLogic: 11g Rel1, 10g Rel3

Windows Server, Linux, Oracle Solaris, IBM AIX, HP-UX

Now supporting SP1 Linux distros!

http://aka.ms/WS2012R2
http://aka.ms/SC2012R2
http://microsoft.com/msdn
www.microsoft.com/learning
http://channel9.msdn.com/Events/TechEd
http://microsoft.com/technet