Z/VM Linux Guest System Deployment And Management With IBM .
z/VM Linux Guest System Deployment andManagement with IBM DirectorChristine CaseyMVMUA – October 25, 2007 2007 IBM CorporationIBM Systems
MVMUA – October, 2007DisclaimerThe information contained in this document has not been submitted to any formal IBM test and isdistributed on an "AS IS" basis without any warranty either express or implied. The use of thisinformation or the implementation of any of these techniques is a customer responsibility and dependson the customer's ability to evaluate and integrate them into the operational environment. While eachitem may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that thesame or similar results will be obtained elsewhere. Customers attempting to adapt these techniques totheir own environments do so at their own risk.In this document, any references made to an IBM licensed program are not intended to state or implythat only IBM's licensed program may be used; any functionally equivalent program may be usedinstead.Any performance data contained in this document was determined in a controlled environment and,therefore, the results which may be obtained in other operating environments may vary significantly.Users of this document should verify the applicable data for their specific environments.It is possible that this material may contain reference to, or information about, IBM products (machinesand programs), programming, or services that are not announced in your country. Such references orinformation must not be construed to mean that IBM intends to announce such IBM products,programming or services in your country.2IBM Systems
MVMUA – October, rOn demand business logoVirtualization EngineCICS*OpenPowerVSE/ESADB2*following are trademarks of the InternationalPower Business Machines Corporation in theWebSphere*TheUnited States and/or other countries.DB2 Universal DatabasePower5xSeries*Virtualization z/OS*IBM*RMFz/VM*IBM logo*System StoragezSeries*IBM eServerSystem z9IMSTivoli*iSeriesTivoli Storage Manager* Registered trademarks of IBM CorporationThe following are trademarks or registered trademarks of other companies.Intel is a trademark of the Intel Corporation in the United States and other countries.Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.Java and all Java-related trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc., in the United States and other countries.Microsoft, Windows and Windows NT are registered trademarks of Microsoft Corporation.UNIX is a registered trademark of The Open Group in the United States and other countries.* All other products may be trademarks or registered trademarks of their respective companies.Notes:Performance is in Internal Throughput Rate (ITR) ratio based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput that any user willexperience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed.Therefore, no assurance can be given that an individual user will achieve throughput improvements equivalent to the performance ratios stated here.IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply.All customer examples cited or described in this presentation are presented as illustrations of the manner in which some customers have used IBM products and the results they may have achieved.Actual environmental costs and performance characteristics will vary depending on individual customer configurations and conditions.This publication was produced in the United States. IBM may not offer the products, services or features discussed in this document in other countries, and the information may be subject to changewithout notice. Consult your local IBM business contact for information on the product or services available in your area.All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.Information about non-IBM products is obtained from the manufacturers of those products or their published announcements. IBM has not tested those products and cannot confirm the performance,compatibility, or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.Prices subject to change without notice. Contact your IBM representative or Business Partner for the most current pricing in your geography.This presentation and the claims outlined in it were reviewed for compliance with US law. Adaptations of these claims for use in other geographies must be reviewed by the local country counsel forcompliance with local laws.3IBM Systems
MVMUA – October, 2007Agenda Overview - IBM Systems Director family What is it? What is the value on Z ? Topology Product Overview – Base functions z/VM Center Extension Overview and Topology Manageability Access Point (MAP) for z/VM CIM Instrumentation Assisted Install z/VM Center Tasks Virtual Server Deployment Server Complexes Utility Service Configuration Manager IBM Director Extension: Software Distribution Premium Edition IBM Director and Tivoli Provisioning Manager (TPM) integration Summary, Additional Information & Documentation4IBM Systems
MVMUA – October, 2007What skill does it take to do basic management tasks?We have many tools, but they are not coordinated and require deep, unique skills for each platformand virtualization technology. Even basic management tasks require using multiple, unrelated tools –even for a single hardware platform.iSeriesNavigatorVE ConsoleClusterSystems MgmtHTML InterfaceIBM DirectorWeb-basedSystems MgmtLTC Linux OSMgmtHardware MgmtConsole (HMC)Where is myapplicationrunning?Which virtualserver is usingthe DVD drive?Where do Ieven start?How do I createanother virtualserver?5What is affected ifthis adapter failsor isdisconnected?IBM Systems
MVMUA – October, 2007What is IBM Director? IBM Director is a management solution for heterogeneous IT environments Operating Systems Linux running on System z / i / p / x i5/OS and AIX Windows Physical & Virtual resources BladeCenter / Storage Devices z/VM, p HMC/LPAR, Xen, VMWare IBM Director provides base platform management and integrates into higher-level Tivoli management stacks e.g. 6Tivoli Provisioning Manager,Tivoli Monitoring (on System z known as OMEGAMON)Tivoli Configuration Manager IBM Systems
MVMUA – October, 2007AnnouncementOverall PictureNovember 2, 2006IBM Tivoli(and selected other enterprise management tools)IBM Systems DirectorPhysical and virtual platformsServer, Storage, gReplicationPlatformspecificcapabilitiesSystemx, i, z, 3rd Party,CustomAnd more . . .OperatingsystemsManagedenvironmentsExtension GroupsIBM Systems
MVMUA – October, 2007IBM Director for Linux on System zIBM Director for Linux on System Z is a full member of the IBM SystemsDirector family, delivering: IBM Director Server, Console and Agent to run on Linux on System z Free of charge core / base functions: discovery, inventory, monitor, alert,etc. - common to all IBM systems Extensions: z/VM Center, Software Distribution Premium Edition Upgrade options to Service Management solutions from TivoliIBM Systems DirectorFoundation8Physical and virtual platformsServer, Storage, NetworkingExtension M Systems
MVMUA – October, 2007IBM Director for Linux on System z – ValueSimplified administration of enterprise wide IT, including z/VM Linuxsystems Consistent tool set across IBM platforms can reduce need for system specificadministration skill Administration of z/VM virtual guests is like for any other serverAutomation of z/VM Linux guest system deployment Template-based deployment of test and development systems, managed via IBM Directorconsole GUI Flexible management of z/VM virtual servers based on industry CIM (Common InformationModel) standardPlatform management with upgrade path to IBM Tivoli solutions on System z Easy start – start with one product only to get the basic systems management functions Grow into comprehensive IBM Service Management solutions like IBM Tivoli Monitoring(ITM) and OMEGAMON 9IBM Systems
MVMUA – October, 2007Director 5.x TopologyIBM Director ConsoleIBM Director ServerCommand LineExtensionsExtensionsDirector Core FrameworkJRE 1.4Linux on System z/x/Power, i5/OS, AIX, WindowsIBMDirectorIBMDirector 5.xIBMDirector 5.xAgentLevel 0AgentLevel 1AgentLevel 2Operating System Resources10BladeCenterHMCSMI-S Storagez/VMXenLPAR (p)IVMVMWareManaged EndpointsPhysical & Virtual ResourcesIBM Systems
MVMUA – October, 2007Product OverviewIBM Director base functions forLinux on System z IBM Director for Linux on System z, Version 5.2 - PID: 5648-DR1DiscoveryGroup ManagementInventoryBaseIBM DirectorFeatureIBM Director z/VM CenterFeatureIBM Director Software Distribution Premium EditionBasic Resource MonitorEvent Action PlanProcess ManagementOrdering: ies.jspRemote SessionFile TransferNetwork ConfigurationSoftware DistributionSNMP Browserz/VM Center Utility Service Configuration Manager z/VM Virtual Server Deployment z/VM Server ComplexesSoftware Distribution PremiumEditionOld release SW package distribution11IBM Systems
MVMUA – October, 2007IBM Director - Console12IBM Systems
MVMUA – October, 2007Base Management – Linux on System zSupported Operating SystemLinux on zSeriesRed Hat Enterprise Linux AS, Version 4.0Novell SUSE Linux Enterprise Server 9 (Service Pack 2) & 10Supported TaskDiscoveryDiscovery of managed systems (agent-less system [level 0]),systems with core services (level 1), IBM Director agents (level 2)(incl. z/VM), SNMP agents, and more – see topology overviewGroup ManagementCreate and manage dynamic and static groups of systems in orderto get control over discovered systems (e.g., to apply IBM Directortask to groups) - z/VM Systems and z/VM Server Complexes groupsare providedInventoryInventory (SW, HW fixes, ) of discovered systemsResource MonitorsDefine / view resource monitors for systems/ groups and setthresholds (e.g., disk, memory usage, CPU usage)Event Action Plan/LogDefine event filters and associated actions for resource monitorsand process monitorsProcess ManagementView/ start/ stop/ monitor processes (e.g. CPU or memoryutilization); execute commands and create schedulable tasks (e.g.cleanup or backup process)13IBM Systems
MVMUA – October, 2007Base Management – Linux on System zSupported TaskRemote SessionEstablish command line sessions (ssh/telnet) with remote systemFile TransferTransfer files between management server and managed systems (e.g.,to synchronize files, directories, configurations)CIM BrowserPlain browsing through CIMOM of CIM instrumentation on managedsystemSNMP BrowserView SNMP information and set SNMP attributesSchedulerSchedule and monitor non-interactive management tasks (e.g. Backupprocess)Network ConfigurationInformation about the network configurationSystem AccountsManagement of Linux User IDs on managed systems (create / changeUser IDs and passwords, manage groups, expiration settings .)Software DistributionDeployment of RPMs for IBM Director agents into Linux systems orgroups- New with V5.20: Software Distribution Premium Edition14IBM Systems
MVMUA – October, 200715 Back to BasefunctionsIBM Systems
MVMUA – October, 2007z/VM Center Extension16IBM Systems
MVMUA – October, 2007Product Overview – z/VM CenterIBM Director base functions forLinux on System z IBM Director for Linux on System z, Version 5.2 - PID: 5648-DR1DiscoveryGroup ManagementInventoryBaseIBM DirectorFeatureIBM Director z/VM CenterFeatureIBM Director Software Distribution Premium EditionBasic Resource MonitorEvent Action PlanProcess ManagementOrdering: ies.jspRemote SessionFile TransferNetwork ConfigurationSoftware DistributionSNMP Browserz/VM Center Utility Service Configuration Manager z/VM Virtual Server Deployment z/VM Server ComplexesSoftware Distribution PremiumEditionOld release SW package distribution17IBM Systems
MVMUA – October, 2007What is the Idea behind z/VM Center? Idea: Management of z/VM Management of Linux guest operating systems with IBM Director Today: z/VM Center extension provides access to the provisioningcapabilities of z/VM z/VM Manageability Access Point (MAP) Linux system providing out-of-band access to z/VM management Uses Systems Management APIs for z/VM z/VM Center is a client that exploits the management interface of thez/VM MAP18IBM Systems
MVMUA – October, 2007About z/VM Managed Objects z/VM Managed Objects Model z/VM operating systems as user-perceivable entities Provide basic z/VM system information Negotiates CIM communication to the z/VM MAP Start point to launch z/VM Center TasksVirtual Server DeploymentServer Complexesz/VM MAPCIM-XMLz/VM MOTask Activationz/VM MO discovery19IBM Systems
MVMUA – October, 2007z/VM Center Topology Manageability Access Point (MAP)z/VMLinuxLinuxLinuxLinuxLinuxLinuxz/VM CenterExtensionLinuxLinuxLinuxDatamoveAccess to z/VM managementcapabilitiesDirectory Manager VSMSERVEDirector Level 1 Agent with aninstallation of the CIM profile for z/VMmanagement implementationz/VM MAP Linux DirectorServerz/VMSystem z LPAR Hypervisor20IBM Systems
MVMUA – October, 2007z/VM Manageability Access PointDiscoveryLinux MAPDirectorServerz/VM Center ExtensionLevel 1 AgentCIM-XML over HTTPSSLP SAPegasus CIMOMProvider LayerCIM-VM LayerMOF(DataModel)CIMInstances(e.g VST)VMAPI LayerVSMSERVEz/VMManagementSLP ServiceDaemon(zvm-mgmtslpd)OtherprovidersDirectory ositoryCIM profile forz/VM ManagementImplementation(Provider Libraries)CP commandhcp (cpint)vmcpz/VM Control Program (CP)z/VM SM API call (RPC)System z LPAR Hypervisor21IBM Systems
MVMUA – October, 2007Management Access Point (MAP) - CIM Instrumentation of z/VM(additional backup chart)Tivoli ProvisioningManager ServerDirector Serverothers SM-API Guest DIR. MGR.Guestz/VM MAP guest systemData MoverGuestDirector Agent for z/VMVSMSERVEDIRMAINTDataMoverz/VM CIM InterfaceDirectorAgentSLPSAPegasus CIMOMLinuxLINUXUserDirectoryLinuxz/VMProviders ProvidersCMSCMSLINUXLINUXCMSz/VM (CP)Back to z/VM22 CenterfunctionsIBM Systems
MVMUA – October, 2007z/VM CenterTasks23IBM Systems
MVMUA – October, 2007z/VM Center Task Overview1. Virtual Server Deployment – VSD (per z/VM instance) Capture and Deploy Linux operating systems into Virtual Servers2. Server Complexes – SC (per z/VM instance) Provisioning into a property-enforced environment3. Utility Service Configuration Manager Ease-of-use application deployment and configuration (via HTTP or CIM)4. Assisted Installation for z/VM MAP (3270 based application) 24REXX script based installation with autoyast and kickstartIBM Systems
MVMUA – October, 20071) Virtual Server Deployment General z/VM information Basic Virtual Server ‘Lifecycle’ management Virtual Server Template management Capturing of Operating System Templates (OST) Creation of virtual servers and deployment of OperatingSystem templates25IBM Systems
MVMUA – October, 2007z/VM Center – Task ‘Virtual Server Deployment‘Supported Operating SystemLinux on zSeriesRed Hat Enterprise Linux AS, Version 4.0Novell SUSE Linux Enterprise Server 9 (Service Pack 2) & 10z/VMz/VM 5.2 or 5.3, requires DirMaint – see z/VM Center set-upVirtual Server Deployment - Basic provisioning of virtual guests on z/VMz/VM System StatusList existing virtual servers (virtual guests) running under theselected z/VM system properties of virtual serversTemplatesUse templates to provision new z/VM virtual server and Linuxoperating systemsTemplates can be created as snap-shot of existing virtual serversor Linux systems, or defined new via a wizardCreate virtual server under z/VMUse virtual server template to provision new virtual serverDeploy Linux operating systemUse operating system template to provision Linux operating system26IBM Systems
MVMUA – October, 2007Five Steps to your own z/VM Virtual Server1. Register a manually installed Linux guest operating system with z/VM Center2. Capture this Linux guest operating system by creating a new OperatingSystem Template (OST)3. Create a Virtual Server Template Specify main memory sizes, number of CPUs, 4. Create a new z/VM Virtual Server based on this template5. Deploy the OST into the newly created z/VM Virtual Server 27Specify network settingsIBM Systems
MVMUA – October, 2007The Concept of Operating System TemplatesCreate newOS TemplateCreate new OSLinuxSelecting disks to beshared by the OSTemplateLinuxMaster OSCloned OSLinuxCloned OSLinuxLinuxDiskcopyCloned OSOS TemplateDDR orFlashCopyShared28IBM Systems
MVMUA – October, 2007Virtual Server & OS TemplateDirectorServerz/VM Center ExtensionLinux MAPLevel 1 AgentCIM-XML over HTTPSPegasus CIMOMCIM profile forz/VM ManagementImplementation(Provider Libraries)PreparePersonalizationScriptVirtual ServerAccess RulesProvider LayerVirtualServerTemplate(VST)Operating SystemTemplate (OST)VirtualServerVirtual Server (VS)Linux OS(captured)Linux OSPersonalizationScriptPersonalizationScriptCIM-VM LayerVMAPI Layerz/VM Control Program (CP)System z LPAR Hypervisor29IBM Systems
MVMUA – October, 200730IBM Systems
MVMUA – October, 2007Operating System TemplateBack to z/VM31 CenterfunctionsIBM Systems
MVMUA – October, 20072) Server Complexes Represents a (possibly) multi-tier grouping of virtual servers Each tier can have specific properties and/or commonproperties of the Server Complex Configuration settings can be predefined Configuration properties are:32 Control of VM resource assignments (uses z/VM’s Virtual MachineResource Manager SM APIs) Definition of virtual networking Definition of additional minidisksIBM Systems
MVMUA – October, 2007z/VM Center – Task ‘Server Complexes‘Server Complexes – Ease-of-use Virtual Server Deployment Automates configuration of z/VM Linux guests Configuration settings can be predefined via the properties of a server complex Every Linux guest which is added/cloned to a server complex, is configured according to these properties taking care of the underlying z/VM as well as Linux configurationFast cloning Virtual Server Deployment withpredefined configuration settings z/VM Linux guest systems creationwith minimal manual interactionCustomization Personalization of clones via scriptsReduced failures Configuration consistency (z/VMand Linux) is controlled: Deviations are listed Consistent configuration isapplied33IBM Systems
MVMUA – October, 2007z/VM Center – Server ComplexesSupported Operating SystemLinux on zSeriesRed Hat Enterprise Linux AS, Version 4.0Novell SUSE Linux Enterprise Server 9 (Service Pack 2) & 10z/VMz/VM 5.2 or 5.3, requires DirMaintServer Complexes - Ease-of-use Virtual Server DeploymentTiers/Guests in a Server ComplexServer Complexes are defined per z/VM; they predefine theconfiguration settings of multiple Linux virtual servers – every tier in aServer Complex might represent its own different configurationsettingsConfiguration PropertiesAllows predefinition of network settings (LAN, VSwitch, OSA),minidisks and z/VM resource allocations to tiers within a ServerComplexCloningMultiple instances of Linux op
8 IBM Systems MVMUA – October, 2007 IBM Director for Linux on System z IBM Director for Linux on System Z is a full member of the IBM Systems Director family, delivering: IBM Director Server, Console and Agent to run on Linux on System z Free of charge core / base functions: discovery, inventory, monitor, alert,
Linux in a Nutshell Linux Network Administrator’s Guide Linux Pocket Guide Linux Security Cookbook Linux Server Hacks Linux Server Security Running Linux SELinux Understanding Linux Network Internals Linux Books Resource Center linux.oreilly.comis a complete catalog of O’Reilly’s books on Linux and Unix and related technologies .
Other Linux resources from O’Reilly Related titles Building Embedded Linux Systems Linux Device Drivers Linux in a Nutshell Linux Pocket Guide Running Linux Understanding Linux Network Internals Understanding the Linux Kernel Linux Books Resource Center linu
Perfection PC Perfection PC Inc. Philips Philips Electronics Planar Planar Systems Inc PLEXON Plexon, Inc. Pogo Linux Pogo Linux, Inc. Pogo Linux Altura M2 Pogo Linux, Inc. Pogo Linux Velocity -D50 Pogo Linux, Inc. Pogo Linux Verona 330 Pogo Linux, Inc. Pogo Linux Vor
Yes. Oracle Autonomous Linux, which is based on Oracle Linux, is 100% application binary compatible with IBM's Red Hat Enterprise Linux. This means that applications certified to run on Red Hat Enterprise Linux can run on Oracle Autonomous Linux unmodified. Oracle Linux binaries are provided for patching and updating Red Hat Enterprise Linux
Official Kali Linux Documentation This PDF has been autogenerated on docs.kali.org - Apr 7, 2013 00. Introduction to Kali Linux What is Kali Linux ? Kali Linux is an advanced Penetration Testing and Security Auditing Linux distribution. Kali Linux Features Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development .
2 LXC DOCKER MICHAEL LESSARD A bit of history - Virtualization and containers Chroot (version 7 Unix, 1979) FreeBSD Jails (FreeBSD 4, 2000) Linux vserver (Linux, Oct 2001) Para-virtualization Xen (Linux, 2003) Solaris zones (Solaris 10, 2004) OpenVZ (Linux, 2005) Full virtualization KVM (Linux, 2007) Linux Containers - LXC (Linux 2.6.29 2009)
Chapter 23 – Linux Security. 2 Outline Introduction Linux Security Model Linux File-System Security Linux Vulnerabilities Linux System Hardening Application Security Mandatory Access Controls. 3 Introduction Linux –Unix like computer OS that uses Linux kernel created by LinusTorvaldsin 1991 evolved into a popular alternative to Win and MAC OS has .
Advanced Linux Programming Contents At a Glance I Advanced UNIX Programming with Linux 1 Getting Started 3 2 Writing Good GNU/Linux Software 17 3 Processes 45 4 Threads 61 5 Interprocess Communication95 II Mastering Linux 6 Devices 129 7 The /proc File System 147 8 Linux System Calls 167 9 Inline Assembly Code 189 10 Security 197 11 A Sample GNU/Linux Application 219 III
