the suse systems management story - prospectum oy · the suse ® systems management story ... drift...
Post on 07-Apr-2018
Of Pets and Cattle and Hearts
The SUSE® Systems Management Story
Joachim Werner, Senior Product Manager, SUSE
joe@suse.com
Who am I?
SUSE® and Linux Workloads in the Enterprise
[Diagram labels: SUSE Enterprise Storage, Datacenter, SUSE Manager, Public Clouds, SUSE Studio, Private Cloud]
RPM “MyApp”
1. Check in sources
2. Check out sources
3. Rebuild RPM
4. Sync repository/upload RPM
5. Rebuild image
6. Redeploy image
7. Sync repository
8. Update RPM
9. Run test
[Diagram components: SUSE Studio; SUSE OpenStack Cloud (Instance 1, Instance 2); SUSE Manager]
Machinery: System Inspection
System Description
But let's talk about Management first ...
SUSE Manager: Operating System Lifecycle Management
• Gain control
• Optimize operations
• Enable innovation
Typical Sales Conversations for SUSE Manager
• Automation of Linux software and patch management
• Compliance
• Distributed/Hybrid environments
• Hosting/Cloud Service Providers
What's next?
SUSE Manager Tentative Roadmap
Timeline: 2014, 2015, 2016, 2017, 2018, 2019
• SUSE Manager 1.7 (SUSE Linux Enterprise Server 11 SP2)
• SUSE Manager 2.1 (SUSE Linux Enterprise Server 11 SP3)
‒ Setup wizard
‒ Improved UI
‒ Action chaining
‒ Unattended bare-metal system provisioning
‒ Power management
‒ Compliance check based on CVE numbers
• SUSE Manager 3 (SUSE Linux Enterprise Server 12 SP1)
‒ Subscription management
‒ “Topology Visualization”
‒ Configuration management
‒ Monitoring
‒ Service Availability / Scalability
• SUSE Manager 4 (SUSE Linux Enterprise Server 12 SP2 or SP3)
‒ Cloud / Virtualization
3 for 3: Main Goals for Manager 3
• Subscription Management in complex environments (virtualized, public/private cloud, large/distributed organizations)
• Configuration Management with a focus on configuration compliance, using
• New external Monitoring component:
‒ loose integration of Icinga and 3rd party (Nagios-compatible) monitoring stacks with Manager core
‒ easy/automated setup of monitoring probes on newly deployed/managed systems
Subscription Management
• View/report your usage of SUSE subscriptions
• Assign subscriptions to groups of servers based on organizational setup, SLA requirements etc. etc.
• Identify over- or under-utilization
• Optimize your subscription usage
SUSE Manager as the “Data Hub”
Topology Management
• Manage (or import) a “topology tree” with hardware and services and their dependencies
• Centrally provide and manage credentials for third party management APIs (VMware vCenter, SUSE Cloud, Public Cloud accounts)
• Manage and monitor Patch/Security Compliance and Subscription/Licence Compliance across physical, virtual, and Cloud deployments
• Integrate with your Monitoring solution
Ideas for SUSE Manager Integration ...
SUSE Manager
• Directories (SLEPOS, 3rd Party) (LDAP, Active Directory): Users, Systems, Configuration, Topology
• Configuration Management Databases (CMDB), e.g. ServiceNow: Systems, Inventory, Configuration, Topology
• Virtualization, Public or Private Cloud (e.g. VMware vCenter, OpenStack, AWS): Systems, Topology
• Monitoring (e.g. Icinga, Nagios): Systems, State, Configuration sync
• External Configuration Management Systems (Puppet, Chef, ...): Act as an “External Node Qualifier”
• OS and Container Build Systems: Provide templates and repositories, Trigger rebuilds
Configuration Management
Saltstack ...
Configuration Management
• New infrastructure based on SaltStack
• Initial focus in Manager 3 is on tracking configuration drift (desired state vs. actual state)
• Versioned templates for individual systems or groups of systems
Why SaltStack?
• Combines imperative approach (“Do this NOW”) with declarative approach (“Make sure all my systems look like this”) in one tool
‒ vs. Puppet (needs Ansible or mcollective as a “companion”)
• Distributed architecture fits well into use cases in retail, hybrid cloud etc.
• Better scalability than Puppet
• Easy to extend (with many existing plugins for OpenStack, Docker, etc.)
• Used in SUSE Storage
• Large and rapidly growing community
• Written in Python
‒ fits well into current SUSE Manager client tools stack,
‒ allows for minimizing client footprint
What about Puppet?
• “Used in SUSE Manager” vs. “Used with SUSE Manager”
• SaltStack will be the internal implementation used by SUSE Manager that admins can extend themselves
• Puppet is supported as part of SLES and can be used alongside SUSE Manager
• SUSE Manager as the configuration database (External Node Qualifier)
Long Term Vision: Service Templates
• The vision is to ultimately be able to provide “Service Templates” for the “Software Defined Datacenter” that describe
‒ all the Linux images used in a setup that delivers a certain software service
‒ all the configuration (hardware and software, from network to credentials)
‒ SLAs (HA, sizing of hardware, performance scaling)
• Looking into TOSCA standard and Heat (OpenStack)
Monitoring
Scalability and Availability
Manager 3 scalability and high availability goals
• Provide a “t-shirt size” approach (S/M/L/XL) to common tuning/configuration options
• Patch more systems faster
• Reduce memory and CPU usage per managed system
• Optimize for low network bandwidth/high network latency scenarios
• Documentation for Active-Active and Active-Passive clustered High Availability setups
SUSE Manager and Red Hat
• Planning to offer a fully supported solution for patching Red Hat systems via SUSE Manager.
• Currently this needs a SUSE “Expanded Support” contract.
• With the new offering the customer will be able to keep the RHEL support contract from Red Hat.
SUSE Manager 3 and Rolling Beta Program
SUSE Manager in the Public Cloud
SAP
It's Coffee Break time!
Advanced Systems Management with Machinery
Andreas Jaeger, Senior Product Manager, aj@suse.com
Thomas Göttlicher, Software Engineer, tgoettlicher@suse.com
Advanced Systems Management with Machinery
Brought to you today by
Joachim (“Joe”) Werner
Who did the work?
Thomas Göttlicher, Software Engineer
Andreas Jaeger, Product Manager
Alfred's Challenges
Alfred, Sysadmin Data Center
• Manage old machines
• Check for security updates
• Find manually installed software
• Find configuration drift
• Migrate to new OS version
• Ensure compliance
• Validate application requirements
Introducing Machinery
Use Case Areas
Configuration Discovery
System Validation
Service Migration
Use Case Elements
System Description
• Tool centers around system description
• Saved on central admin server
• Complete system information contains:
– Installed software
– Configuration files
– Services
– Changes
– …
• Can be transferred to other systems
Design Concepts
• Self-contained system description
• Command-line tool
• No client software installation necessary
• Access client machines via ssh from central admin server
“Offline” Systems Management
What Machinery is Not
Machinery is not …
‒ a configuration management system
‒ a monitoring tool
‒ a replacement for YaST®
‒ a replacement for SUSE Manager
Other tools
• Cooperation – different tools fulfill different needs
• Ansible, cfengine, chef, puppet, other CM
– Automatic configuration of many machines
– But how to install the system initially?
– How to validate that your “scripts” (playbooks, recipes, manifests, etc.) do the right thing?
• SUSE Manager
– WebUI
– Cooperation planned
– SaltStack!
• AIDE
– Sophisticated security tool
Machinery's Philosophy
• Made for the system administrator of the data center
• Universal system description
• Integrate, not duplicate
• Open toolbox
• Agile development
• Technical excellence
• Open Source
Project
Machinery as Open Source Project
Plan
• Frequent releases driven by user needs
• Integrate Configuration Management Systems
‒ First CMS: saltstack
‒ Export of system description to CMS files
• OS Migrations
• Dockerize (“Physical-to-Docker”)
Machinery in SUSE Linux Enterprise 12
Machinery in SLES®
• Part of SLES 12 mission: Best managed Linux
• Advanced Systems Management Module
• More rapidly developed life cycle
• Frequent releases driven by customer needs
Advanced Systems Management Module
SUSE Linux Enterprise 12
Modules
• Components of SUSE Linux Enterprise
– Flexible lifecycle (different from the base product)
– Delivered on-line
– Fully supported
– Included in the SUSE Linux Enterprise Server subscription → No extra cost
• Introduced with SUSE Linux Enterprise 12
SUSE Linux Enterprise 12
Modules – a closer look
Module Name | Content | Lifecycle
Web and Scripting Module | “PHP”, “Python”, “Ruby on Rails” | 3 years
Legacy Module | Sendmail, old IMAP stack, old Java etc. | 3 years
Public Cloud Module | Public cloud initialization code and tools | Frequent release
Container Module | Docker | Frequent release
Toolchain Module | GCC | Yearly delivery
Advanced Systems Management Module | The configuration management tools cfengine, puppet and the new "machinery" tool | Frequent release
Demo
Recap:
Happy Alfred!
What's next? Switching on the experimental mode ...
Application Containers
But How Do We Get to This?
Container Ship Image by Ana Ulin
Containerize a Rails App
Workload Identification
if system.runs_service?("mysql")
  identify "mariadb", "db"
  parameter "user", "dbuser"
  parameter "password", SecureRandom.base64
end
Orchestration Template
mariadb:
  build: ./mariadb
  volumes:
    - ./mariadb/data:/var/lib/mysql
  environment:
    DB_USER: :user
    DB_PASS: :password
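How the identification rule and the orchestration template above could fit together, as an added sketch that is not Machinery's own code: `SystemDescription`, `WorkloadRules`, `render_template` and `containerize` are hypothetical names, and the service list passed in is constructed sample input. The generated password is quoted when it is written into the template so that YAML parsing cannot alter it.

```ruby
require "json"
require "securerandom"

# Constructed stand-in for an inspected system description.
SystemDescription = Struct.new(:services) do
  def runs_service?(name)
    services.include?(name)
  end
end

# Hypothetical evaluator for identification rules like the one on the slide.
class WorkloadRules
  attr_reader :system # shadows Kernel#system so a rule can ask system.runs_service?

  def initialize(system)
    @system = system
    @workloads = {}
  end

  def identify(workload, role)
    @current = @workloads[workload] = { "role" => role, "parameters" => {} }
  end

  def parameter(name, value)
    @current["parameters"][name] = value
  end

  def evaluate(&rules)
    instance_eval(&rules)
    @workloads
  end
end

# Fill ":name" placeholders that follow "KEY: ". Values are JSON-quoted (valid YAML
# double-quoted scalars); a placeholder without a parameter raises KeyError.
def render_template(template, parameters)
  template.gsub(/(?<=: ):(\w+)/) { parameters.fetch(Regexp.last_match(1)).to_json }
end

TEMPLATE = <<~YAML
  mariadb:
    build: ./mariadb
    volumes:
      - ./mariadb/data:/var/lib/mysql
    environment:
      DB_USER: :user
      DB_PASS: :password
YAML

def containerize(services)
  workloads = WorkloadRules.new(SystemDescription.new(services)).evaluate do
    if system.runs_service?("mysql")
      identify "mariadb", "db"
      parameter "user", "dbuser"
      parameter "password", SecureRandom.base64
    end
  end
  workloads.transform_values { |w| render_template(TEMPLATE, w["parameters"]) }
end
```

The rendered file contains the database password in clear text, so it belongs outside version control and should be readable only by the account that runs the orchestration.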
Summary
Where to Go From Here?
• Workloads
• Templates
• Orchestration
Machinery Take Away
• Machinery is “a systems management toolkit for Linux. It supports configuration discovery, system validation, and service migration. Machinery is based on the idea of an universal system description. Machinery is made for the system administrator of the data center.”
• Machinery is an Open Source project
• Machinery is a supported part of SLES 12
Contact
• Homepage: http://machinery-project.org
• Source Code: http://github.com/SUSE/machinery
• Mailing List: mailto:machinery@lists.suse.com
Thank you.
How will You use Machinery?
Additional comments or questions?
Join us at machinery-project.org
Corporate Headquarters
Maxfeldstrasse 5
90409 Nuremberg
Germany
+49 911 740 53 0 (Worldwide)
www.suse.com
Join us on: www.opensuse.org
Unpublished Work of SUSE LLC. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.