Duty3G/User Guide
This page was last modified 05:25, 6 August 2007.From Documentation
Revision as of 05:17, 6 August 2007 Moff (Talk | contribs) (→Software Environment) ← Previous diff |
Current revision Moff (Talk | contribs) (→Software Environment) |
||
Line 131: | Line 131: | ||
COSmanager uses a host-name-based licensing scheme. You supply information for each host on which duty3G and other applications are to be run. Your COSmanager distributor will give you a set of license keys that encode information about which applications can be run on each host, and for how long (that is, whether for a trial period or indefinitely). | COSmanager uses a host-name-based licensing scheme. You supply information for each host on which duty3G and other applications are to be run. Your COSmanager distributor will give you a set of license keys that encode information about which applications can be run on each host, and for how long (that is, whether for a trial period or indefinitely). | ||
- | {{Caution| Do not change the license key or product string. This will invalidate your license.}} | + | :{{Caution| Do not change the license key or product string. This will invalidate your license.}} |
You will be prompted to enter the license key and product string during the installation procedure. | You will be prompted to enter the license key and product string during the installation procedure. | ||
Line 159: | Line 159: | ||
''From the command line'' | ''From the command line'' | ||
:To launch the default version, enter: | :To launch the default version, enter: | ||
- | ::{{code|cos duty}} | + | {{code|cos duty}} |
:To launch a different version, enter: | :To launch a different version, enter: | ||
Line 176: | Line 176: | ||
COSmanager sets a number of variables in the user’s environment when they start duty3G. These mostly define directory names and the user’s access capabilities. You can check your environment by running env from a duty3G shell: | COSmanager sets a number of variables in the user’s environment when they start duty3G. These mostly define directory names and the user’s access capabilities. You can check your environment by running env from a duty3G shell: | ||
- | :<dl><dd>{{code|$ cos duty -c ksh<br>duty: env | pg}}</dd></dl> | + | {{code|$ cos duty -c ksh<br>duty: env | pg}} |
<br> | <br> |
Current revision
Contents |
Getting Started
Duty3G is a menu-driven application for automating UNIX, Linux and Windows systems operations and administration in a data center.
About this Guide
This guide is the primary reference for setting up and using duty3G. The bulk of the guide consists of ‘how-to’ material, designed to help operators and system administrators to use duty3G quickly and efficiently. It describes how to:
- install duty3G
- set up an initial configuration for duty3G
- automate routine operations tasks through the duty list
- add and maintain duties
- perform ongoing housekeeping and administration.
About this Chapter
This chapter introduces you to duty3G both from a management and a technical perspective.
At a management level, it describes:
- duty3G’s features and benefits
- duty3G concepts.
At a technical level, it introduces you to:
- installing and using duty3G
- duty3G’s software environment.
Finally, it explains:
- conventions and notation used in this manual
- where to look for more information.
This chapter and the next contain useful information to help you prepare to install and use duty3G. However, if you wish to get started immediately, skip to Appendix A - Installing duty3G.
Who should use this guide
This guide is aimed at:
- managers who need an overview of what duty3G can do
- administrators who need to maintain duties and control access to duty3G
- operators who need to know how to initiate duties
- new duty3G users, who need to understand the basics of using the duty3G interface
- auditors who need to understand how duty3G fits in with the organization’s policies and procedures.
Management Overview
duty3G facilitates a standard approach to the management of distributed, multi-vendor UNIX data centers. It provides secure, reliable, task automation and scheduling, through:
- automation of system management functions
- delegation of operations tasks
- tighter control over data center operations.
What duty3G can do
- For Data Center Managers
- Duty3G’s interactive duty lists ensure reliable operations by presenting prioritized lists of tasks in a consistent, easy-to-use format. It allows better allocation of resources through scheduling and delegation of tasks.
- For Administrators
- Duty3G frees experienced staff to concentrate on high-value activities. It allows routine and repetitive tasks to be delegated to less-experienced staff by hiding complexity.
- For Operations Staff
- Duty3G provides a dynamic checklist that shows the status of tasks in progress and reminds operators when tasks are due to be run. Overdue tasks are flagged and color coding of tasks allows at-a-glance monitoring.
- For Auditors
- Duty3G ensures safe delegation of important and sensitive operations tasks. Duty3G maintains an audit trail and daily compliance reports of duties performed and skipped, and records whether duties succeeded or failed.
Benefits of duty3G
- automation
- By encapsulating complex procedures into one or more duties, duty3G can help to simplify many system administration procedures. Duty3G allows many routine tasks to run without any operator intervention, including chains of dependent tasks.
- delegation
- Duties simplify complex tasks and hide operating system variations, so they can be reliably delegated to less-experienced staff.
- control
- An audit trail records full details of what duties were performed, and whether they succeeded or failed. Daily compliance reports record exception details of what duties were performed, skipped or just missed, and which failed and were disabled.
Duty Concepts
duty3G supports scheduled, automatic and ‘at request’ duties to any host on the network (including non-UNIX hosts). It also supports ‘carry forward’ to accommodate public holidays and weekends.
What is a duty?
System managers can define what operational tasks need to be performed and when, then set up the appropriate tasks as duties within duty3G. A duty can be any command or series of commands and scripts that could be entered at the shell prompt.
Duties can be performed to a set schedule, or on an as-required basis, either with or without operator intervention. Extensive duty logs are maintained, and these can be used to verify that duties are being performed.
Duty lists can be used to define and implement most operations procedures, including backup schedules, housekeeping tasks, security checks, audit procedures and preventive maintenance schedules.
Control
You can delegate specific duties to an individual operator (or group of operators) while retaining complete control over what tasks are done. Operators only have access to their preconfigured range of duties. Because duty3G’s duty list can be used to encapsulate secure functions, there is no need to provide shell access for nonprivileged or inexperienced staff.
This means that facilities available at a remote site can be restricted to those delegated by the system manager. Instead of granting users access to privileged accounts, the system manager defines each function as a duty, assigns correct privilege to that duty, then gives users access to particular duties.
Best practice
Duty3G encourages sound management practices by making it possible to perform the regular operations workload in a way that is efficient, reliable, verifiable, compliant, and repeatable.
The automation of routine tasks has several benefits.
- It saves time
- It frees up resources
- It reduces the possibility of human error by ensuring that operators never have to enter commands, but instead run predefined duties, even though these duties may require privileged user access.
Because duty3G encapsulates local expertise, it reduces your dependence on individual skills and minimizes the operational difficulties associated with staff turnover.
Technical Overview
This topic describes duty3G’s software environment:
- licensing
- installation and configuration
- starting duty3G from COSmanager or the command line
- directories, environment variables, and log files
- startup procedure
- access security
- user interface
Setting Up and Using duty3G
To install duty3G, you will need:
- a distribution containing the duty3G software
- an installed copy of the COSmanager application framework
- a license key
Licensing
COSmanager uses a host-name-based licensing scheme. You supply information for each host on which duty3G and other applications are to be run. Your COSmanager distributor will give you a set of license keys that encode information about which applications can be run on each host, and for how long (that is, whether for a trial period or indefinitely).
Caution! | |
Do not change the license key or product string. This will invalidate your license. |
You will be prompted to enter the license key and product string during the installation procedure.
Installation and configuration
The main steps are:
- If COSmanager is not already installed, you must first install and configure the COSmanager application framework. See the COSmanager User Guide.
- Install duty3G from the distribution by running Application > Install from the COSmanager applications menu. You will be prompted for the license key during this step.
- Select duty3G configuration to see the list of standard duties included with duty3G. Use the Maintain menu to change existing duties or add new ones.
For more details, see Appendix A - Installing Duty3G.
Starting duty3G
From the COSmanager button bar (GUI)
- Select the Duty button. The duty console is displayed.
From the COSmanager main menu (CUI)
- Select the duty3G option.
From the command line
- To launch the default version, enter:
- To launch a different version, enter:
Software Environment
Duty3G is installed under the home directory of the COSmanager account. All the files are owned by cosmos and belong to the cosmos group, except for a handful of database tables that are owned by root.
Duty3G’s log file is stored in the system spool area. COSmanager has a crontab entry to cycle all its audit trails automatically.
Only authorized COSmanager users can use duty3G. Access control within duty3G is provided through roles and capabilities, which determine each user’s ability to view or modify an application’s configuration or to run selected menu options.
COSmanager sets a number of variables in the user’s environment when they start duty3G. These mostly define directory names and the user’s access capabilities. You can check your environment by running env from a duty3G shell:
Startup procedure
When you launch duty3G from COSmanager or through the cos duty command, the following steps are performed:
- check that duty3G has a valid licence
- check that the current version of the COSmanager framework is at least the minimum version required by this application
- create environment variables describing duty3G’s directory structure: its home directory ($APPL_HOME), database directory ($APPL_DB), and application path ($APPL_PATH)
- if an application password is required, ask the user to enter it
- if authentication is required, ask for the user’s password
- prepend the application’s directories to the search paths
- create environment variables for any local roles and capabilities. Along with the variables created during COSmanager startup, these determine which duties and facilities the user can access in duty3G
- execute $APPL_HOME/profile. This sets environment variables specific to duty3G
- display duty3G version information (GUI)
- display the duty console for this user showing the users' preferred startup view.
Access Security
Fine-grained capability controls allow users to be given limited ‘views’ of duty3G options, enabling tight control to be maintained over access to all key functions.
COSmanager users are assigned one or more roles. Each role identifies a responsibility or class of users in your organization, for example ‘Senior Operator’ or ‘User’. Within each COSmanager application such as duty3G, roles are defined in terms of the access capabilities they grant. In turn, capabilities determine what menu options, duties, and actions the user can perform.
Users are granted access to COSmanager via options in the COSmanager configuration menu.
A number of roles are provided with COSmanager, including Manager, Config, Admin, Auditor, User, and SeniorOp.
Note | |
Changes made to a user’s security profile don’t come into effect until the next time the user invokes COSmanager. |
Many functions, particularly those that modify system files and COSmanager tables, require specific access capabilities. Users who do not have the right capabilities will not be able to access or even view these functions.
User interface
The user interface to all COSmanager applications is provided through a series of reusable software tools known collectively as The Functional Toolset. Both graphical (GUI) and character (CUI) mode interfaces are provided. As there are only a handful of different types of screen, the interface is very easy to learn.
The GUI mode features a Motif-style ‘look and feel’.
The GUI mode can also be used from a PC running Windows XP, Windows 2000 or Windows 2003, without the need for X emulation software.
The CUI mode is intended for users who access COSmanager from a character terminal or via terminal emulation from a PC. It features a full-screen interface with support for function keys and pop-up windows.
Keyboard traversal in the GUI interface is consistent with the CUI version. This allows users to swap between X displays, Windows PCs, and character terminals, with minimal retraining and without loss of productivity.
The user interface is described in detail in the COSmanager User Guide.
For More Information
The COSmanager User Guide explains how to install COSmanager products, including duty3G.
This guide describes how to configure duty3G, how to maintain duties and roles, how to view and perform duties, and how to generate reports listing all or selected duties.
Technical information about COSmanager commands can be found in the COSmanager Reference Guide. This contains manual pages for the Functional Toolset and application- specific commands, including commands used in duty3G.
COSmanager promotes a ‘policies and procedures’ approach to system management, including task scheduling. How to Implement Policy Based Management and a Sample Policy and Procedures Manual are available without charge from your COSmanager distributor.