Administer Production Servers Effectively with OpenLMI Russell Doty Technology Product Manager, Stephen Gallagher System Architect, Red Hat Mid Level Sysadmin

Routine, day to day tasks Experienced with Microsoft & VMware New to

Experienced Linux SysAdmin

Big Bag 'O Scripts & ssh

Powered by nmcli lvcreate HELP!mkfs.xfs yum parted systemctl Need to Automate! Prerequisite for the automated factory: Robots In other words: An infrastructure and foundation for automation.

Client Python CLI Scripting Java /C++

Remote Communications Abstraction API nmcli yum lvcreate Mkfs.xfs Parted systemctl We Can Build This! Why OpenLMI?

Previous Open Source Remote Management Tools Lacked a Strong Foundation – A Management API

What is OpenLMI? •A set of Management Agents • That can change the system •A Standardized Remote API •A Standard Communications Infrastructure • Built on XML over https •A Client Environment • Scripting built on Python • CLI • Other languages

OpenLMI Providers - Heavy Lifting •Perform management operations •Provide standard API • Low level, functional API • Remote/Local API •Built on existing Linux tools and utilities (e.g. parted, lvcreate, Network Manager)

Object Broker - OpenPegasus •Manages Providers • Commands – attributes & methods • Navigation & query • Events (Indications) •Manages Communications • WBEM – CIM/XML over https •Manages Authentication & Access

Events - OpenLMI Indications •Notification of Asynchronous Events • e.g. job completion, drive failure, NIC changed state, password changed •Listener registers with CIMOM • Multiple Listeners per event •All registered Listeners notified when event occurs •Powerful tool for monitoring

Client Interfaces •OpenLMI API • Low level functional API • Full coverage •LMIShell Modules (EPEL) • Task oriented Python modules • Subset of full API •LMI CLI (EPEL) • Task oriented, user friendly CLI • BASH shell friendly • Least coverage

Sounds Interesting... Show Me What You Are Talking About Build a RAID Set lmi> storage raid create --name myraid 5 vdb vdc vdd lmi> storage vg create myvg myraid lmi> storage lv create myvg myvol 1G lmi> storage fs create xfs myvol lmi> storage mount create \ /dev/mapper/myvg-myvol \ /mnt/myvol

Configure a NIC lmi> net list lmi> net address replace eth1 192.168.0.130 24 lmi> net activate eth1

Install an Application lmi> sw install httpd lmi> sw install --repoid privaterepo mod_mystuff lmi> sw show pkg httpd

Check if a Service is Running and Restart

lmi> service show cups lmi> service restart cups

Reboot a Server lmi> power list lmi> power reboot lmi> power off

Make Me a Sandwich

Courtesy xkcd.com/149/

What About ?

•Puppet and OpenLMI do different things • Puppet puts system into known state • OpenLMI interacts with system •Puppet and OpenLMI are complementary •Goal: for Puppet to use OpenLMI to operate on systems

OpenLMI Security

• Communications encrypted using TLS (https) •Security Certificate to identify systems •Recommend using domain management such as Red Hat Identity Management (IdM) • Uses Account on Managed System •Must be configured before using OpenLMI • Authentication (Username & Password) required for all OpenLMI management operations •Planned future enhancement: add GSSAPI support

Next Steps – a Call to Action What You Can Do

•Install OpenLMI and try it out •Report on your experiences •Let us know what else is needed •Develop scripts and tools using OpenLMI

How do I get started with custom scripts & tools?

•Easiest way is to use Python and LMIShell •Study the existing LMIShell modules • Find something close to what you want to do • Hack up the LMIShell module • Consider submitting it to the upstream community •Study the OpenLMI API documentation •Use implementation language of your choice • Java, C/C++, (Ruby? Talk to us.)

Key Information

•Russell Doty: [email protected] •Stephen Gallagher: [email protected] •Project Website: www.openlmi.org •Blog: TechPonder.wordpress.com •Mailing list: lists.fedorahosted.org/mailman/listinfo/openlmi-devel •IRC: #openlmi on freenode 27 Thank You