Duty3G/User Guide
This page was last modified 05:25, 6 August 2007.From Documentation
Revision as of 03:39, 19 June 2006 Daniels (Talk | contribs) ← Previous diff |
Current revision Moff (Talk | contribs) (→Software Environment) |
||
Line 1: | Line 1: | ||
== Getting Started == | == Getting Started == | ||
- | duty3G is a menu-driven application for automating UNIX systems operations and administration in an Open Systems data center. | ||
- | === About this Guide === | + | Duty3G is a menu-driven application for automating UNIX, Linux and Windows systems operations and administration in a data center. |
+ | |||
+ | <br> | ||
+ | ''' About this Guide ''' | ||
+ | |||
This guide is the primary reference for setting up and using duty3G. The bulk of the guide consists of ‘how-to’ material, designed to help operators and system administrators to use duty3G quickly and efficiently. It describes how to: | This guide is the primary reference for setting up and using duty3G. The bulk of the guide consists of ‘how-to’ material, designed to help operators and system administrators to use duty3G quickly and efficiently. It describes how to: | ||
*install duty3G | *install duty3G | ||
Line 10: | Line 13: | ||
*perform ongoing housekeeping and administration. | *perform ongoing housekeeping and administration. | ||
- | === About this Chapter === | + | <br> |
+ | |||
+ | ''' About this Chapter ''' | ||
+ | |||
This chapter introduces you to duty3G both from a management and a technical perspective. | This chapter introduces you to duty3G both from a management and a technical perspective. | ||
Line 25: | Line 31: | ||
*where to look for more information. | *where to look for more information. | ||
- | This chapter and the next contain useful information to help you prepare to install and use duty3G. However, if you wish to get started immediately, skip to [[Appendix A—Installing Duty3G]]. | + | This chapter and the next contain useful information to help you prepare to install and use duty3G. However, if you wish to get started immediately, skip to [[Duty3G/User Guide/Appendix A — Installing duty3G | Appendix A - Installing duty3G]]. |
- | === Who should use this guide === | + | <br> |
+ | |||
+ | ''' Who should use this guide ''' | ||
+ | |||
This guide is aimed at: | This guide is aimed at: | ||
*managers who need an overview of what duty3G can do | *managers who need an overview of what duty3G can do | ||
Line 35: | Line 44: | ||
*auditors who need to understand how duty3G fits in with the organization’s policies and procedures. | *auditors who need to understand how duty3G fits in with the organization’s policies and procedures. | ||
- | == Management Overview == | + | <br> |
+ | |||
+ | === Management Overview === | ||
+ | |||
duty3G facilitates a standard approach to the management of distributed, multi-vendor UNIX data centers. It provides secure, reliable, task automation and scheduling, through: | duty3G facilitates a standard approach to the management of distributed, multi-vendor UNIX data centers. It provides secure, reliable, task automation and scheduling, through: | ||
*automation of system management functions | *automation of system management functions | ||
Line 41: | Line 53: | ||
*tighter control over data center operations. | *tighter control over data center operations. | ||
- | === What duty3G can do === | + | <br> |
- | For Data Center Managers: duty3G’s interactive duty lists ensure reliable operations by presenting prioritized lists of tasks in a consistent, easy-to-use format. It allows better allocation of resources through scheduling and delegation of tasks. | + | ''' What duty3G can do ''' |
- | For Administrators: duty3G frees experienced staff to concentrate on high-value activities. It allows routine and repetitive tasks to be delegated to less-experienced staff by hiding complexity. | + | ;For Data Center Managers: Duty3G’s interactive duty lists ensure reliable operations by presenting prioritized lists of tasks in a consistent, easy-to-use format. It allows better allocation of resources through scheduling and delegation of tasks. |
- | For Operations Staff: duty3G provides a dynamic checklist that shows the status of tasks in progress and reminds operators when tasks are due to be run. Overdue tasks are flagged and color coding of tasks allows at-a-glance monitoring. | + | ;For Administrators: Duty3G frees experienced staff to concentrate on high-value activities. It allows routine and repetitive tasks to be delegated to less-experienced staff by hiding complexity. |
- | For Auditors: duty3G ensures safe delegation of important and sensitive operations tasks. duty3G maintains an audit trail of duties performed and skipped and it records whether duties succeeded or failed. | + | ;For Operations Staff: Duty3G provides a dynamic checklist that shows the status of tasks in progress and reminds operators when tasks are due to be run. Overdue tasks are flagged and color coding of tasks allows at-a-glance monitoring. |
- | === Benefits of duty3G === | + | ;For Auditors: Duty3G ensures safe delegation of important and sensitive operations tasks. Duty3G maintains an audit trail and daily compliance reports of duties performed and skipped, and records whether duties succeeded or failed. |
- | ;automation: By encapsulating complex procedures into one or more duties, duty3G can help to simplify many system administration procedures. | + | |
+ | <br> | ||
+ | ''' Benefits of duty3G ''' | ||
+ | |||
+ | ;automation: By encapsulating complex procedures into one or more duties, duty3G can help to simplify many system administration procedures. Duty3G allows many routine tasks to run without any operator intervention, including chains of dependent tasks. | ||
+ | ;delegation: Duties simplify complex tasks and hide operating system variations, so they can be reliably delegated to less-experienced staff. | ||
+ | ;control: An audit trail records full details of what duties were performed, and whether they succeeded or failed. Daily compliance reports record exception details of what duties were performed, skipped or just missed, and which failed and were disabled. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | ==== Duty Concepts ==== | ||
+ | |||
+ | duty3G supports scheduled, automatic and ‘at request’ duties to any host on the network (including non-UNIX hosts). It also supports ‘carry forward’ to accommodate public holidays and weekends. | ||
+ | |||
+ | <br> | ||
+ | ''' What is a duty? ''' | ||
+ | |||
+ | System managers can define what operational tasks need to be performed and when, then set up the appropriate tasks as duties within duty3G. A duty can be any command or series of commands and scripts that could be entered at the shell prompt. | ||
+ | |||
+ | Duties can be performed to a set schedule, or on an as-required basis, either with or without operator intervention. Extensive duty logs are maintained, and these can be used to verify that duties are being performed. | ||
+ | |||
+ | Duty lists can be used to define and implement most operations procedures, including backup schedules, housekeeping tasks, security checks, audit procedures and preventive maintenance schedules. | ||
+ | |||
+ | <br> | ||
+ | ''' Control ''' | ||
+ | |||
+ | You can delegate specific duties to an individual operator (or group of operators) while retaining complete control over what tasks are done. Operators only have access to their preconfigured range of duties. Because duty3G’s duty list can be used to encapsulate secure functions, there is no need to provide shell access for nonprivileged or inexperienced staff. | ||
+ | |||
+ | This means that facilities available at a remote site can be restricted to those delegated by the system manager. Instead of granting users access to privileged accounts, the system manager defines each function as a duty, assigns correct privilege to that duty, then gives users access to particular duties. | ||
+ | |||
+ | <br> | ||
+ | ''' Best practice ''' | ||
+ | |||
+ | Duty3G encourages sound management practices by making it possible to perform the regular operations workload in a way that is efficient, reliable, verifiable, compliant, and repeatable. | ||
- | duty3G allows many routine tasks to run without any operator intervention, including chains of dependent tasks. | ||
- | delegation duties simplify complex tasks and hide operating system variations, | ||
- | so they can be reliably delegated to less-experienced staff. | ||
- | control an audit trail records full details of what duties were performed or | ||
- | 4 Getting Started | ||
- | skipped, and whether they succeeded or failed. | ||
- | Duty Concepts | ||
- | duty3G supports scheduled, automatic and ‘at request’ duties to any host on the network | ||
- | (including non-UNIX hosts). It also supports ‘carry forward’ to accommodate | ||
- | public holidays and weekends. | ||
- | What is a duty? | ||
- | System managers can define what operational tasks need to be performed and | ||
- | when, then set up the appropriate tasks as duties within duty3G. A duty can be any | ||
- | command or series of commands and scripts that could be entered at the shell | ||
- | prompt. | ||
- | Duties can be performed to a set schedule, or on an as-required basis, either with or | ||
- | without operator intervention. Extensive duty logs are maintained, and these can be | ||
- | used to verify that duties are being performed. | ||
- | Duty lists can be used to define and implement most operations procedures, including | ||
- | backup schedules, housekeeping tasks, security checks, audit procedures and preventive | ||
- | maintenance schedules. | ||
- | Control | ||
- | You can delegate specific duties to an individual operator (or group of operators) | ||
- | while retaining complete control over what tasks are done. Operators only have | ||
- | access to their preconfigured range of duties. Because duty3G’s duty list can be used | ||
- | to encapsulate secure functions, there is no need to provide shell access for nonprivileged | ||
- | or inexperienced staff. | ||
- | This means that facilities available at a remote site can be restricted to those delegated | ||
- | by the system manager. Instead of granting users access to privileged | ||
- | accounts, the system manager defines each function as a duty, assigns correct privilege | ||
- | to that duty, then gives users access to particular duties. | ||
- | Getting Started 5 | ||
- | Best practice | ||
- | duty3G encourages sound management practices by making it possible to perform | ||
- | the regular operations workload in a way that is efficient, reliable, verifiable, and | ||
- | repeatable. | ||
The automation of routine tasks has several benefits. | The automation of routine tasks has several benefits. | ||
- | • It saves time | + | *It saves time |
- | • It frees up resources | + | *It frees up resources |
- | • It reduces the possibility of human error by ensuring that operators never | + | *It reduces the possibility of human error by ensuring that operators never have to enter commands, but instead run predefined duties, even though these duties may require privileged user access. |
- | have to enter commands, but instead run predefined duties, even though | + | |
- | these duties may require super user access. | + | Because duty3G encapsulates local expertise, it reduces your dependence on individual skills and minimizes the operational difficulties associated with staff turnover. |
- | Because duty3G encapsulates local expertise, it reduces your dependence on individual | + | |
- | skills and minimizes the operational difficulties associated with staff turnover. | + | <br> |
- | 6 Getting Started | + | |
- | Technical Overview | + | === Technical Overview === |
+ | |||
This topic describes duty3G’s software environment: | This topic describes duty3G’s software environment: | ||
- | • licensing | + | *licensing |
- | • installation and configuration | + | *installation and configuration |
- | • starting duty3G from COSmanager or the command line | + | *starting duty3G from COSmanager or the command line |
- | • directories, environment variables, and log files | + | *directories, environment variables, and log files |
- | • startup procedure | + | *startup procedure |
- | • access security | + | *access security |
- | • user interface | + | *user interface |
- | Setting Up and Using duty3G | + | |
+ | <br> | ||
+ | ==== Setting Up and Using duty3G ==== | ||
+ | |||
To install duty3G, you will need: | To install duty3G, you will need: | ||
- | • a distribution tape containing the duty3G software | + | *a distribution containing the duty3G software |
- | • an installed copy of the COSmanager application framework | + | *an installed copy of the COSmanager application framework |
- | • a license key | + | *a license key |
- | Licensing | + | |
- | COSmanager uses a host-name-based licensing scheme. You supply information for | + | <br> |
- | each host on which duty3G and other applications are to be run. Your COSmanager | + | ''' Licensing ''' |
- | distributor will give you a set of license keys that encode information about which | + | |
- | applications can be run on each host, and for how long (that is, whether for a trial | + | COSmanager uses a host-name-based licensing scheme. You supply information for each host on which duty3G and other applications are to be run. Your COSmanager distributor will give you a set of license keys that encode information about which applications can be run on each host, and for how long (that is, whether for a trial period or indefinitely). |
- | period or indefinitely). | + | |
- | Caution Do not change the license key or product string. This will invalidate your license. | + | :{{Caution| Do not change the license key or product string. This will invalidate your license.}} |
- | You will be prompted to enter the license key and product string during the installation | + | |
- | procedure. | + | You will be prompted to enter the license key and product string during the installation procedure. |
- | Getting Started 7 | + | |
- | Installation and configuration | + | <br> |
+ | ''' Installation and configuration ''' | ||
+ | |||
The main steps are: | The main steps are: | ||
- | 1. If COSmanager is not already installed, you must first install and configure | + | #If COSmanager is not already installed, you must first install and configure the COSmanager application framework. See the [[COSmanager/User Guide | COSmanager User Guide]]. |
- | the COSmanager application framework. See the COSmanager User Guide. | + | #Install duty3G from the distribution by running <em style="color:darkslategray;font-weight:bold">Application > Install</em> from the COSmanager applications menu. You will be prompted for the license key during this step. |
- | 2. Install duty3G from the distribution tape by running Application > | + | #Select duty3G configuration to see the list of standard duties included with duty3G. Use the Maintain menu to change existing duties or add new ones. |
- | Install from the COSmanager applications menu. You will be | + | |
- | prompted for the license key during this step. | + | For more details, see [[Duty3G/User Guide/Appendix A — Installing duty3G | Appendix A - Installing Duty3G]]. |
- | 3. Select duty3G configuration to see the list of standard duties | + | |
- | included with duty3G. Use the Maintain menu to change existing duties | + | <br> |
- | or add new ones. | + | ''' Starting duty3G ''' |
- | For more details, see Appendix A—Installing COS/Duty on page 59. | + | [[Image:Duty outstanding.png|frame|Figure 1 — Duty console (GUI version)]] |
- | Starting duty3G | + | |
- | From the COSmanager button bar (GUI) | + | ''From the COSmanager button bar (GUI)'' |
- | Select the Duty button. The duty console is displayed. | + | :Select the '''Duty''' button. The duty console is displayed. |
- | Figure 1 — Duty console (GUI version) | + | |
- | 8 Getting Started | + | |
- | From the COSmanager main menu (CUI) | + | ''From the COSmanager main menu (CUI)'' |
- | Select the duty3G option. | + | :Select the duty3G option. |
- | From the command line | + | |
- | To launch the default version, enter: | + | |
- | cos duty | + | ''From the command line'' |
- | To launch a different version, enter: | + | :To launch the default version, enter: |
- | cos duty -v version | + | {{code|cos duty}} |
- | Software Environment | + | |
- | duty3G is installed under the home directory of the COSmanager account. All the | + | :To launch a different version, enter: |
- | files are owned by cosmos and belong to the cosmos group, except for a handful | + | {{code|cos duty -v version}} |
- | of database tables that are owned by root. | + | |
- | duty3G’s log file is stored in the system spool area. COSmanager has a crontab | + | <br> |
- | entry to cycle all its audit trails automatically. | + | |
- | Only authorized COSmanager users can use duty3G. Access control within duty3G | + | ==== Software Environment ==== |
- | is provided through roles and capabilities, which determine each user’s ability to | + | |
- | view or modify an application’s configuration or to run selected menu options. | + | Duty3G is installed under the home directory of the COSmanager account. All the files are owned by cosmos and belong to the cosmos group, except for a handful of database tables that are owned by root. |
- | COSmanager sets a number of variables in the user’s environment when they start | + | |
- | duty3G. These mostly define directory names and the user’s access capabilities. You | + | Duty3G’s log file is stored in the system spool area. COSmanager has a crontab entry to cycle all its audit trails automatically. |
- | can check your environment by running env from a duty3G shell: | + | |
- | Startup procedure | + | Only authorized COSmanager users can use duty3G. Access control within duty3G is provided through roles and capabilities, which determine each user’s ability to view or modify an application’s configuration or to run selected menu options. |
- | When you launch duty3G from COSmanager or through the cos duty command, | + | |
- | the following steps are performed: | + | COSmanager sets a number of variables in the user’s environment when they start duty3G. These mostly define directory names and the user’s access capabilities. You can check your environment by running env from a duty3G shell: |
- | $ cos duty -c ksh | + | |
- | duty: env | pg | + | {{code|$ cos duty -c ksh<br>duty: env | pg}} |
- | Getting Started 9 | + | |
- | • check that duty3G has a valid licence | + | <br> |
- | • check that the current version of the COSmanager framework is at least the | + | |
- | minimum version required by this application | + | ''' Startup procedure ''' |
- | • create environment variables describing duty3G’s directory structure: its | + | |
- | home directory ($APPL_HOME), database directory ($APPL_DB), and | + | When you launch duty3G from COSmanager or through the cos duty command, the following steps are performed: |
- | application path ($APPL_PATH) | + | *check that duty3G has a valid licence |
- | • if an application password is required, ask the user to enter it | + | *check that the current version of the COSmanager framework is at least the minimum version required by this application |
- | • if authentication is required, ask for the user’s password | + | *create environment variables describing duty3G’s directory structure: its home directory ($APPL_HOME), database directory ($APPL_DB), and application path ($APPL_PATH) |
- | • prepend the application’s directories to the search paths | + | *if an application password is required, ask the user to enter it |
- | • create environment variables for any local roles and capabilities. Along with | + | *if authentication is required, ask for the user’s password |
- | the variables created during COSmanager startup, these determine which | + | *prepend the application’s directories to the search paths |
- | duties and facilities the user can access in duty3G | + | *create environment variables for any local roles and capabilities. Along with the variables created during COSmanager startup, these determine which duties and facilities the user can access in duty3G |
- | • execute $APPL_HOME/profile. This sets environment variables specific | + | *execute $APPL_HOME/profile. This sets environment variables specific to duty3G |
- | to duty3G | + | *display duty3G version information (GUI) |
- | • display duty3G version information (GUI) | + | *display the duty console for this user showing the users' preferred startup view. |
- | • display the top-level menu or button bar for this user. | + | |
- | Access Security | + | <br> |
- | Fine-grained capability controls allow users to be given limited ‘views’ of duty3G | + | |
- | options, enabling tight control to be maintained over access to all key functions. | + | ==== Access Security ==== |
- | COSmanager users are assigned one or more roles. Each role identifies a responsibility | + | |
- | or class of users in your organization, for example ‘Senior Operator’ or ‘User’. | + | Fine-grained capability controls allow users to be given limited ‘views’ of duty3G options, enabling tight control to be maintained over access to all key functions. |
- | Within each COSmanager application such as duty3G, roles are defined in terms of | + | |
- | the access capabilities they grant. In turn, capabilities determine what menu options, | + | COSmanager users are assigned one or more roles. Each role identifies a responsibility or class of users in your organization, for example ‘Senior Operator’ or ‘User’. Within each COSmanager application such as duty3G, roles are defined in terms of the access capabilities they grant. In turn, capabilities determine what menu options, duties, and actions the user can perform. |
- | duties, and actions the user can perform. | + | |
- | Users are granted access to COSmanager via options in the COSmanager configuration | + | Users are granted access to COSmanager via options in the COSmanager configuration menu. |
- | menu. | + | |
- | A number of roles are provided with COSmanager, including Manager, Config, | + | A number of roles are provided with COSmanager, including Manager, Config, Admin, Auditor, User, and SeniorOp. |
- | Admin, Auditor, User, and SeniorOp. | + | |
- | 10 Getting Started | + | :{{Note|Changes made to a user’s security profile don’t come into effect until the next time the user invokes COSmanager.}} |
- | Note Changes made to a user’s security profile don’t come into effect until | + | |
- | the next time the user invokes COSmanager. | + | Many functions, particularly those that modify system files and COSmanager tables, require specific access capabilities. Users who do not have the right capabilities will not be able to access or even view these functions. |
- | Many functions, particularly those that modify system files and COSmanager tables, | + | |
- | require specific access capabilities. Users who do not have the right capabilities will | + | <br> |
- | not be able to access or even view these functions. | + | ''' User interface ''' |
- | User interface | + | |
- | The user interface to all COSmanager applications is provided through a series of | + | The user interface to all COSmanager applications is provided through a series of reusable software tools known collectively as The Functional Toolset. Both graphical (GUI) and character (CUI) mode interfaces are provided. As there are only a handful of different types of screen, the interface is very easy to learn. |
- | reusable software tools known collectively as The Functional Toolset. Both graphical | + | |
- | (GUI) and character (CUI) mode interfaces are provided. As there are only a | + | |
- | handful of different types of screen, the interface is very easy to learn. | + | |
The GUI mode features a Motif-style ‘look and feel’. | The GUI mode features a Motif-style ‘look and feel’. | ||
- | The GUI mode can also be used from a PC running Windows 3.11, Windows 95 or | + | |
- | Windows NT, without the need for X emulation software. | + | The GUI mode can also be used from a PC running Windows XP, Windows 2000 or Windows 2003, without the need for X emulation software. |
- | The CUI mode is intended for users who access COSmanager from a character terminal | + | |
- | or via terminal emulation from a PC. It features a full-screen interface with | + | The CUI mode is intended for users who access COSmanager from a character terminal or via terminal emulation from a PC. It features a full-screen interface with support for function keys and pop-up windows. |
- | support for function keys and pop-up windows. | + | |
- | Keyboard traversal in the GUI interface is consistent with the CUI version. This | + | Keyboard traversal in the GUI interface is consistent with the CUI version. This allows users to swap between X displays, Windows PCs, and character terminals, with minimal retraining and without loss of productivity. |
- | allows users to swap between X displays, Windows PCs, and character terminals, | + | |
- | with minimal retraining and without loss of productivity. | + | The user interface is described in detail in the [[COSmanager/User Guide | COSmanager User Guide]]. |
- | The user interface is described in detail in the COSmanager User Guide. | + | |
- | Getting Started 11 | + | <br> |
- | Conventions Used | + | |
- | This manual uses the following conventions: | + | === For More Information === |
- | This style is used to indicate: | + | |
- | • text that is displayed on your screen | + | The [[COSmanager/User Guide | COSmanager User Guide]] explains how to install COSmanager products, including duty3G. |
- | • commands that you type in at the keyboard | + | |
- | • the names of fields, directories and files | + | This guide describes how to configure duty3G, how to maintain duties and roles, how to view and perform duties, and how to generate reports listing all or selected duties. |
- | • actions assigned to buttons or function keys | + | |
- | Examples: | + | Technical information about COSmanager commands can be found in the COSmanager Reference Guide. This contains manual pages for the Functional Toolset and application- specific commands, including commands used in duty3G. |
- | Enter ‘write secoff ’ in the Command field. | + | |
- | /etc/passwd | + | COSmanager promotes a ‘policies and procedures’ approach to system management, including task scheduling. How to Implement Policy Based Management and a Sample Policy and Procedures Manual are available without charge from your COSmanager distributor. |
- | Press Accept to schedule the backup job. | + | |
- | Cross-references to other chapters or manuals are shown in italics—see Conventions | + | <br> |
- | Used, page 5 for example. Italics are also used for emphasis. | + | |
- | Notes contain useful information and reminders that could help you to save time | + | ==[[/Duty3G Access | Duty3G Access]]== |
- | and effort. Example: | + | |
- | Note Searching a large number of indexes can be very slow. Use a start and | + | ==[[/Duty Management | Duty Management]]== |
- | end date to limit the search to a shorter period. | + | |
- | Cautions warn you about a procedure or action, which, if not done correctly, could | + | ==[[/Adding and Maintaining Duties | Adding and Maintaining Duties]]== |
- | cause damage to software or loss of data. Example: | + | |
- | Caution Designating a variable as ‘core’ is an irreversible procedure. Core parameters cannot | + | ==[[/Viewing and Performing Duties | Viewing and Performing Duties]]== |
- | be deleted and the variable cannot be re-designated as non-core from within | + | |
- | COS/Secure. | + | ==[[/Appendix A — Installing duty3G | Appendix A - Installing duty3G]]== |
- | 12 Getting Started | + | |
- | Finding Your Way Around Menus | + | ==[[Duty3G/User Guide/Appendix B — duty3G Menus by Role | Appendix B - Duty3G Menus by Role]]== |
- | Menu options are shown in the form Menu > Menu option. For example the | + | |
- | instruction: “Select Users and privileges > COSmanager users” tells | + | ==[[/Glossary|Glossary]]== |
- | you to select the COSmanager users option from the Users and privileges menu as shown | + | |
- | in Figure 2. | + | ---- |
- | Figure 2 — Following menu instructions | + | |
- | Such instructions can refer to options on consoles or methtools also; executing the | + | |
- | instruction: “Select Maintain > Add” would involve selecting the Add option | + | |
- | from the Maintain menu as illustrated in Figure 3. | + | |
- | Figure 3 — Using methtool menus | + | |
- | Getting Started 13 | + | |
- | For More Information | + | |
- | The COSmanager User Guide explains how to install COSmanager products, including | + | |
- | duty3G. | + | |
- | This manual describes how to configure duty3G, how to maintain duties and roles, | + | |
- | how to view and perform duties, and how to generate reports listing all or selected | + | |
- | duties. | + | |
- | Technical information about COSmanager commands can be found in the COSmanager | + | |
- | Reference Guide. This contains manual pages for the Functional Toolset and application- | + | |
- | specific commands, including commands used in duty3G. | + | |
- | COSmanager promotes a ‘policies and procedures’ approach to system management, | + | |
- | including task scheduling. How to Implement Policy Based Management and a Sample | + | |
- | Policy and Procedures Manual are available without charge from your COSmanager | + | |
- | distributor. | + |
Current revision
Contents |
Getting Started
Duty3G is a menu-driven application for automating UNIX, Linux and Windows systems operations and administration in a data center.
About this Guide
This guide is the primary reference for setting up and using duty3G. The bulk of the guide consists of ‘how-to’ material, designed to help operators and system administrators to use duty3G quickly and efficiently. It describes how to:
- install duty3G
- set up an initial configuration for duty3G
- automate routine operations tasks through the duty list
- add and maintain duties
- perform ongoing housekeeping and administration.
About this Chapter
This chapter introduces you to duty3G both from a management and a technical perspective.
At a management level, it describes:
- duty3G’s features and benefits
- duty3G concepts.
At a technical level, it introduces you to:
- installing and using duty3G
- duty3G’s software environment.
Finally, it explains:
- conventions and notation used in this manual
- where to look for more information.
This chapter and the next contain useful information to help you prepare to install and use duty3G. However, if you wish to get started immediately, skip to Appendix A - Installing duty3G.
Who should use this guide
This guide is aimed at:
- managers who need an overview of what duty3G can do
- administrators who need to maintain duties and control access to duty3G
- operators who need to know how to initiate duties
- new duty3G users, who need to understand the basics of using the duty3G interface
- auditors who need to understand how duty3G fits in with the organization’s policies and procedures.
Management Overview
duty3G facilitates a standard approach to the management of distributed, multi-vendor UNIX data centers. It provides secure, reliable, task automation and scheduling, through:
- automation of system management functions
- delegation of operations tasks
- tighter control over data center operations.
What duty3G can do
- For Data Center Managers
- Duty3G’s interactive duty lists ensure reliable operations by presenting prioritized lists of tasks in a consistent, easy-to-use format. It allows better allocation of resources through scheduling and delegation of tasks.
- For Administrators
- Duty3G frees experienced staff to concentrate on high-value activities. It allows routine and repetitive tasks to be delegated to less-experienced staff by hiding complexity.
- For Operations Staff
- Duty3G provides a dynamic checklist that shows the status of tasks in progress and reminds operators when tasks are due to be run. Overdue tasks are flagged and color coding of tasks allows at-a-glance monitoring.
- For Auditors
- Duty3G ensures safe delegation of important and sensitive operations tasks. Duty3G maintains an audit trail and daily compliance reports of duties performed and skipped, and records whether duties succeeded or failed.
Benefits of duty3G
- automation
- By encapsulating complex procedures into one or more duties, duty3G can help to simplify many system administration procedures. Duty3G allows many routine tasks to run without any operator intervention, including chains of dependent tasks.
- delegation
- Duties simplify complex tasks and hide operating system variations, so they can be reliably delegated to less-experienced staff.
- control
- An audit trail records full details of what duties were performed, and whether they succeeded or failed. Daily compliance reports record exception details of what duties were performed, skipped or just missed, and which failed and were disabled.
Duty Concepts
duty3G supports scheduled, automatic and ‘at request’ duties to any host on the network (including non-UNIX hosts). It also supports ‘carry forward’ to accommodate public holidays and weekends.
What is a duty?
System managers can define what operational tasks need to be performed and when, then set up the appropriate tasks as duties within duty3G. A duty can be any command or series of commands and scripts that could be entered at the shell prompt.
Duties can be performed to a set schedule, or on an as-required basis, either with or without operator intervention. Extensive duty logs are maintained, and these can be used to verify that duties are being performed.
Duty lists can be used to define and implement most operations procedures, including backup schedules, housekeeping tasks, security checks, audit procedures and preventive maintenance schedules.
Control
You can delegate specific duties to an individual operator (or group of operators) while retaining complete control over what tasks are done. Operators only have access to their preconfigured range of duties. Because duty3G’s duty list can be used to encapsulate secure functions, there is no need to provide shell access for nonprivileged or inexperienced staff.
This means that facilities available at a remote site can be restricted to those delegated by the system manager. Instead of granting users access to privileged accounts, the system manager defines each function as a duty, assigns correct privilege to that duty, then gives users access to particular duties.
Best practice
Duty3G encourages sound management practices by making it possible to perform the regular operations workload in a way that is efficient, reliable, verifiable, compliant, and repeatable.
The automation of routine tasks has several benefits.
- It saves time
- It frees up resources
- It reduces the possibility of human error by ensuring that operators never have to enter commands, but instead run predefined duties, even though these duties may require privileged user access.
Because duty3G encapsulates local expertise, it reduces your dependence on individual skills and minimizes the operational difficulties associated with staff turnover.
Technical Overview
This topic describes duty3G’s software environment:
- licensing
- installation and configuration
- starting duty3G from COSmanager or the command line
- directories, environment variables, and log files
- startup procedure
- access security
- user interface
Setting Up and Using duty3G
To install duty3G, you will need:
- a distribution containing the duty3G software
- an installed copy of the COSmanager application framework
- a license key
Licensing
COSmanager uses a host-name-based licensing scheme. You supply information for each host on which duty3G and other applications are to be run. Your COSmanager distributor will give you a set of license keys that encode information about which applications can be run on each host, and for how long (that is, whether for a trial period or indefinitely).
Caution! | |
Do not change the license key or product string. This will invalidate your license. |
You will be prompted to enter the license key and product string during the installation procedure.
Installation and configuration
The main steps are:
- If COSmanager is not already installed, you must first install and configure the COSmanager application framework. See the COSmanager User Guide.
- Install duty3G from the distribution by running Application > Install from the COSmanager applications menu. You will be prompted for the license key during this step.
- Select duty3G configuration to see the list of standard duties included with duty3G. Use the Maintain menu to change existing duties or add new ones.
For more details, see Appendix A - Installing Duty3G.
Starting duty3G
From the COSmanager button bar (GUI)
- Select the Duty button. The duty console is displayed.
From the COSmanager main menu (CUI)
- Select the duty3G option.
From the command line
- To launch the default version, enter:
- To launch a different version, enter:
Software Environment
Duty3G is installed under the home directory of the COSmanager account. All the files are owned by cosmos and belong to the cosmos group, except for a handful of database tables that are owned by root.
Duty3G’s log file is stored in the system spool area. COSmanager has a crontab entry to cycle all its audit trails automatically.
Only authorized COSmanager users can use duty3G. Access control within duty3G is provided through roles and capabilities, which determine each user’s ability to view or modify an application’s configuration or to run selected menu options.
COSmanager sets a number of variables in the user’s environment when they start duty3G. These mostly define directory names and the user’s access capabilities. You can check your environment by running env from a duty3G shell:
Startup procedure
When you launch duty3G from COSmanager or through the cos duty command, the following steps are performed:
- check that duty3G has a valid licence
- check that the current version of the COSmanager framework is at least the minimum version required by this application
- create environment variables describing duty3G’s directory structure: its home directory ($APPL_HOME), database directory ($APPL_DB), and application path ($APPL_PATH)
- if an application password is required, ask the user to enter it
- if authentication is required, ask for the user’s password
- prepend the application’s directories to the search paths
- create environment variables for any local roles and capabilities. Along with the variables created during COSmanager startup, these determine which duties and facilities the user can access in duty3G
- execute $APPL_HOME/profile. This sets environment variables specific to duty3G
- display duty3G version information (GUI)
- display the duty console for this user showing the users' preferred startup view.
Access Security
Fine-grained capability controls allow users to be given limited ‘views’ of duty3G options, enabling tight control to be maintained over access to all key functions.
COSmanager users are assigned one or more roles. Each role identifies a responsibility or class of users in your organization, for example ‘Senior Operator’ or ‘User’. Within each COSmanager application such as duty3G, roles are defined in terms of the access capabilities they grant. In turn, capabilities determine what menu options, duties, and actions the user can perform.
Users are granted access to COSmanager via options in the COSmanager configuration menu.
A number of roles are provided with COSmanager, including Manager, Config, Admin, Auditor, User, and SeniorOp.
Note | |
Changes made to a user’s security profile don’t come into effect until the next time the user invokes COSmanager. |
Many functions, particularly those that modify system files and COSmanager tables, require specific access capabilities. Users who do not have the right capabilities will not be able to access or even view these functions.
User interface
The user interface to all COSmanager applications is provided through a series of reusable software tools known collectively as The Functional Toolset. Both graphical (GUI) and character (CUI) mode interfaces are provided. As there are only a handful of different types of screen, the interface is very easy to learn.
The GUI mode features a Motif-style ‘look and feel’.
The GUI mode can also be used from a PC running Windows XP, Windows 2000 or Windows 2003, without the need for X emulation software.
The CUI mode is intended for users who access COSmanager from a character terminal or via terminal emulation from a PC. It features a full-screen interface with support for function keys and pop-up windows.
Keyboard traversal in the GUI interface is consistent with the CUI version. This allows users to swap between X displays, Windows PCs, and character terminals, with minimal retraining and without loss of productivity.
The user interface is described in detail in the COSmanager User Guide.
For More Information
The COSmanager User Guide explains how to install COSmanager products, including duty3G.
This guide describes how to configure duty3G, how to maintain duties and roles, how to view and perform duties, and how to generate reports listing all or selected duties.
Technical information about COSmanager commands can be found in the COSmanager Reference Guide. This contains manual pages for the Functional Toolset and application- specific commands, including commands used in duty3G.
COSmanager promotes a ‘policies and procedures’ approach to system management, including task scheduling. How to Implement Policy Based Management and a Sample Policy and Procedures Manual are available without charge from your COSmanager distributor.