opsi: client management for heterogenous environments

Video in TIB AV-Portal: opsi: client management for heterogenous environments

Formal Metadata

Title
opsi: client management for heterogenous environments
Subtitle
An introduction to opsi.
Title of Series
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2018
Language
English
Production Year
2017

Content Metadata

Subject Area
Abstract
opsi is a powerful tool for client management in heterogenous environments.This lightning talk will give a short overview over the system and whatpossibilities system administrators get with opsi for managing Windows andLinux clients. In many environments system administrators are required to manage a wide rangeof operating systems. Wouldn't it be great to have a tool where one tool canmanage Windows and Linux? Introducing opsi, a client management tool thatallows managing both worlds. This talk will give you an overview of the system opsi and introduces possibletasks that can be done with opsi. Handling different systems is most presentwhen writing the scripts that perform tasks on the clients. Similarities anddifferences that administrators may face when creating these scripts areimportant for the creation and will be highlighted during that talk.
Loading...
Point (geometry) Server (computing) Implementation Service (economics) Computer file Open source Java applet System administrator Source code Range (statistics) Information systems Virtual machine Client (computing) Web service Centralizer and normalizer Latent heat Thermodynamisches System Root Computer configuration Operator (mathematics) Software Computer network Operating system System programming Integrated development environment Remote procedure call Booting Surjective function Identity management Dependent and independent variables Server (computing) Software developer Interface (computing) Projective plane Client (computing) Computer network Bit Graphical user interface Process (computing) Software Configuration space Identity management Window Geometry
Web page State observer Slide rule Server (computing) Enterprise architecture Computer file Range (statistics) Virtual machine Device driver Client (computing) Revision control Medical imaging Web service Component-based software engineering Thermodynamisches System Different (Kate Ryan album) Hypermedia Operator (mathematics) Operating system System programming Remote procedure call Medizinische Informatik Booting Partition (number theory) Sanitary sewer Identity management Installation art Enterprise architecture Execution unit Standard deviation Server (computing) Interface (computing) Software developer Configuration management Digital photography Software Order (biology) Hard disk drive Configuration space Window Sinc function
Complex (psychology) Existential quantification Scripting language Java applet System administrator Multiplication sign Client (computing) Mereology Computer programming Formal language Medical imaging Mechanism design Computer configuration Videoconferencing Cuboid Remote procedure call Office suite Logic gate Descriptive statistics Identity management Scripting language Enterprise architecture Email Software developer Shared memory Bit Formal language Type theory Process (computing) Repository (publishing) Telecommunication Interface (computing) System programming Hard disk drive Configuration space Right angle Windows Registry Server (computing) Functional (mathematics) Mobile app Enterprise architecture Service (economics) Computer file Link (knot theory) Patch (Unix) Virtual machine Motion capture Event horizon Product (business) Revision control Latent heat Thermodynamisches System Software Operating system System programming Gamma function Booting Plug-in (computing) Surjective function Task (computing) Installation art Execution unit Focus (optics) Stapeldatei Distribution (mathematics) Interface (computing) Projective plane Client (computing) Cartesian coordinate system System call Inclusion map Software File archiver Interpreter (computing) Identity management Window
Pairwise comparison Functional (mathematics) Distribution (mathematics) Dot product Scripting language Information Mereology Number Revision control Type theory Kernel (computing) Thermodynamisches System Personal digital assistant Different (Kate Ryan album) Personal digital assistant Revision control Determinant Window Asynchronous Transfer Mode Identity management
Scripting language Logical constant Functional (mathematics) Scripting language Process (computing) Computing platform Surjective function Identity management Address space
NP-hard Windows Registry Server (computing) Functional (mathematics) Scripting language System administrator Multiplication sign Client (computing) Mereology Code Mathematics Thermodynamisches System Hypermedia Operator (mathematics) System programming Automation Integrated development environment Software testing Code refactoring Data conversion Identity management Scripting language Standard deviation Multiplication Shared memory Bit Mountain pass Uniform resource locator Digital photography Integrated development environment Internet service provider Universe (mathematics) Window Library (computing) Address space
Enterprise architecture
I represent to you today ops II ops is a
tool to manage client in heterogeneous environment in modernity it's very common that you do not have just one operating system that does everything that you have a multitude of operating systems it all need to be managed and depth should be managing and a very efficient way and Ops is the tool to do exactly dad first who's this guy speaking to you my name is Nico veslovsky I'm from Germany I would consider myself a very patient at Python developer and I'm think I'm lucky enough to say that I'm doing this also as my main job and not just as a hobby I have six years as a professional Python developer for now and my company is the company behind the - ops II we're based in Mainz my job there is maintaining and developing up to you I'm very focused on the next side we also have colleagues that are more focused on the window side but I'm mostly the next guy and responsible for the server side implementation and also managing the Linux client agent and also my job involves a lot of customizing for customers to adjust it ops you to their needs when I'm talking about ops II I first want to give you a small introduction to the two because I think many people don't don't know ops the end that's why I'm talking here because I think it's a very cool tool and you should take it into your tool belt ops II has roots ranging back way back into the 90s when there was windows for workgroups I never worked with it but I have I have colleagues who did and when you be started they were like a small software shop we focus on geo information systems and system administration and one of the customers wanted to deploy windows for workgroups in a large environment and Despero ops ii started back then these machines were already installed in an effort via bootp some of you might know bootp for others that don't know whoopee it's kind of a princess or for PXE booting and the installation was quite simple all you had to do was copy fire to the new machine and maybe instruct him and you're done you could put your system pretty easy compared to nowadays the server the server side back in the days was Solaris and that's wrong with samba already as Samba was used to give to the clients access to the files they need for installation so it's been quite a while since then and obviously moved around quite a bit it gained more features for software deployment just copying and extracting files isn't nearly enough nowadays to manage the system the system grew and get more features to to do in centralized management of clients we're back from having some people running around and booting the clients we now want to do is all remote be at one point we connect to and then say ok I deploy the first management interface we had they confer they edited config files directly on the servers that's something nobody would think about today but you know that's that's how it was back then and the server side moved from Solaris to Debian first and in 2004 ops II saw its first public release obviously was open source from the beginning so if he knew that there was the company providing shut the zaption system you could just ask him and every send you a CD with the source code on it when we are looking at obscene now things are a little bit more modern the servers running Linux we don't just support Debian we support a whole range of systems one server runs a web service that is accessed by all the clients to communicate and for example to see if there is any installation that needs to be done or if you're an administrator you can check the service to see what software is installed or you can set something to install on a specific client or something like that we still use Samba samba reliable project for us and some reserved install files just like back in the days the management afraid interface nowadays is Java if you want a graphical interface if you don't there are various other options like Maya and access not a snitch not to focus today and also the
clients we also had one version of Windows we supported initially nowadays we support a whole range of Windows versions and of course since few years we also have Linux support was something I really enjoy and something I'm kind of a bit proud of because the system it was initially developed to just manage Windows clients and it was quite a road to get there to have the same codebase to be ready to also manage the next side so if you want to make photos to show and show them to your manager or something like that now here the buzzwords to give you over you what Ops II does we still do operating system deployments we still rely on unattended installation I said before we don't just support windows we also support Lee notes and you can nowadays also deploy complete images of your systems if this is what you fancy because an unattended installation may take you too long or it's not working good enough for what you are wanting to do because maybe some software is hard to install in there unattended way software deployment yeah that's it surfing because just an operating system usually isn't enough if you have wanted something working with your system you also need software on that machine there's something a topsy also does and if they are software yeah we want to configure it so obviously also can be used for a configuration management aspect to make everything complete we also have inhabit software inventory so that we know what has installed on our clients and what software is installed the hopper is important mostly for the window side because if you want to deploy an operating system you usually need drivers for systems and the easiest way to deploy the right drivers is to know what happens inside your computer how does opsi architecture look like can everyone read the slides I hope so if not there I uploaded them to the first M page yesterday so you can look along there on the upper side we have some various clients that connect to the web service shown below yes of course management interface we have an agent so op C is in system that relies on an agent to work there's not an agentless system and the upper right side you will see the boot image the boot image is what we use to prepare a client for the installation of a writing system so client will boot over PXE and to that boot image the boot image will prepare for example the hard drive maybe create partitions or something like that and then we'll have the insulation over to nana-chan installer this could be like what you will find when you're setting up it burn to a freewheel and USB stick or something like that on the server side that's civil popular we have some back-end such stored data you can rely on a file or MySQL whatever is your liking and most of the things we have on the server side is written in Python and yeah that's where I come into play as I said before I'm very patient Python developers so I had my fingers and most of the components we have on the server side to take more specific look on the server I said before we have a web service that speaks JSON RPC will I rely heavily on standards to make exchange with different systems easy so if you know how to connect your interface via JSON RPC it's it's easy to get access to the observer we still rely on Zomba I said before summer provides the the installation files that the clients then we'll access during an installation and if you want to use Ops II to deploy brain systems we usually have a DHCP and TFTP D on a server along with a special component that we call the op CPX econ 50 debt is used to write named files named pipes excuse me please these name pipes will then be accessed by a client that looks for a bootable media over a pig's ear and the OP CPX econ 50 writes the pipe only when it's wrapped so we have the situation that the client will boot with depth configuration that is given only once so if you you can let your client to just boot order Network and if there's nothing to do he will just continue boot usually starting the boot
from the first hard drive or something like that but if you want to set something specific the opposite Peaks II kind of company takes care of that and I tell the client for example to load a specific boot image which then execute whatever the Pooh dementia does on a client side we have a multitude of clients we have a graphical management interface written in Java called you can't forget this will run on the client side we have the boot image I managed before and yeah we have that client that we are running on the system's the opposite client agent is usually registered as a service on that client and takes care of the communication between the server and the client it usually checks if work needs to be done you can configure in various ways when it should do these checks for example you want to do it as a startup to make sure when the venous system starts you would get a new software installed or there can be things like timers that trigger in a regular interval if the server has anything to say to the client because we are running as a service we can also use this to trigger events from the server side if you want to say ok I just found a security update and I need to deploy this patch to all my machines I can trigger from a server that the deployment will be done and no there's no need for me to wait until the client checks again at the server if there's something to be done to make all this work we have to called up the script that will take care of the installation the opposite script reads the script describing what should be done from this amber share I mentioned earlier and then we'll execute the steps you defined to play something on our Samba share we need to pick an op C package this is a package that usually contains the files you want to deploy along with the script that I mentioned earlier that will do the processing where the steps are defined what should be done this could be as easy as just okay run a binary or it could be more complex things like okay patch these files yeah enter my configuration videos something like that if you don't want to deploy any files oh that's sure that's fine all these parts are then later compressed into a single archive that makes it easy to dispute between different servers and you can also have easy access to various versions of your script lying around the archive itself it's the compressed tar files or still we are relying on open established tools to do the things there's no need to reinvent the wheel here the idea with these packages has bought a lot from the Debian project you can define dependencies and some dependencies and things like that because before this this is a very good good two mechanism that is established there and we want to use it for our tools these packages you get will then be extracted onto your servers so the clients can access the files on the SMP share so in usually your setup consists of the place where you build your packages you write your scripts and so on and then can deploy it to production and just by compete by copying the file and then they okay install it there I'm pretty straightforward as I mention before there's oxy script option script is a language developed for the absurd project depth focus on the tasks that an administrator may may face when he is deploying things to client and it could be stuff like for example on Windows you want to edit edit the registry as a private developer I would know what I should do with Python but I have to admit that it's not a most straightforward way usually they do things and I'm glad there's there's obvious script for tasks like that off the script that's the syntax tailor to the tasks that should be done for example the registry but it's also open to Rio reuse existing solutions so if you have for example a a batch script written that does the task you want to do and you just want to deploy it on your service yeah sure use op C and just call the external script offices script is also the name of the interpreter when opsi started the Finca was called op c winced which which dot
for op c windows installer and there's the the windows heritage there but since we also managing Linux client with it we felt that we should rename it to op C script because it's a more general approach so there's a talk descriptions there I want to look at how can handling Windows and Linux be done as though you've learned about a system now and I want to focus a little bit more on the tasks that may may are at hand the first thing is is it a good idea that we have one script in both worlds okay I can give not given gives you a good answer the depth I think it depends on the task they lay at hand on the things that you need to do my experience once the package gets made sure and you're not changing it that much it's easier to integrate both the links in the Windows version into one package and then enjoy that in for example your dependencies you just depend on one package and it's you don't have to think about this is deploying on the Windows or Linux box it just works it of course can be done and when you're facing a program like for example I took your thunderbird that you want to distribute in your whole environment you may face some challenges for windows an installation is usually quite simple if the Thunderbird if you have an installer for you that you can run unattended and this works from Windows XP to recurrent Windows 10 and everything works for us on Windows this easy on Linux things might get more and more complicated because as you might know Linux is not Linux the Debian behaves different from for example a Susan Susan yeah so we may may have to the software we want in the repositories of the distribution so we can just rely on for example app capture or super to install it everything's fine but then again we have to think about okay the version we want to deploy is their diversion we require we may have some third-party plugins that require a very specific version of that software and the API may break in future versions so we may want to deploy our own work and yeah plugins are also a thing we can deploy the software sure the last thing we have to do and usually the part that takes the most time is we want to configure our system so by along Linux most things are written into files on Windows we often have registry entries that also will change to behavior of your application and may be configured in advance so that a user just needs to start a fire from the bird and then we have this mail account automatically connect to the T Network so - chief that we can deploy for example the funny bird very systems we should we should check something's and this is something an some examples I want to show you how things are looking with opposite script this is actual part of an op C script to check the architecture because it may be that I face an architecture that I do not need to need to support or something like that or did I don't that I can't support because the program I want to deploy doesn't support it maybe I have compiled it it's just the binary and it only works on a 64-bit system the boat powered on the upper right that's the function get system type it will either return me that is in X 68 system or this 64-bit system so checks to write are very easy if you are working with people who are not programmers or do not have a deep understanding of how program works for them it's very easy to work with these parts also check on what system type you are running in the same fashion we can do we can then detect our operating system that's important if you want to make sure that the appropriate calls are made there's a function ghetto-ass that will either return I'm running on Linux or I'm running on Windows and team but as I said earlier Linux is not Linux and the same goes for Windows we have various versions of Windows nowadays running around the latest being Windows 10 and so we may want to detect what Windows release we are running on as you might guess there's also a function for that the gate Emma's
version intro will return us the AP that the windows reports back there's something like six free for current Windows 8 the six usually the the MT 6 is the windows underlying kernel type and one thing we faced when Windows 10 was introduced was there at first reported back from the API as 6.4 but then the Microsoft and changed it to just report back ATM and most checks
that were made what ap version a my own just checked the first first part in sorry for ok windows API version 1 and a lot of things broke for us so if you want to correctly handle this there's something like compare dots and braided numbers we are can see if you're running incorrectly on Windows 10 version or if you're lying and running on lower version windows 10 also has new challenges for us Microsoft this it's one system and you you don't see any any differences it just works it will be it will be really the last windows ever released but internally they have different releases and you can also check for this for this release ID with the function mentioned below because of course they change the underlying api's between these versions and you will only channel there what we have for the window sides of course they are also for dinner side we can check what we're me running for running on what what distribution are we are running on so that we can call the appropriate use tools if we need to I think it's also very straight for to understand we have a switch case and in this case and we just check do we have Debian Rachael azuz and then work accordingly to Det he went most specific information they are also a function for that of course that's similar to the one from the window side so that you don't have to learn everything from a new when we are working with Linux and we are relying on the package manager it is something I usually do when using obscene something
I stumble stumble upon in the beginning quite often was that there might be a package lock involved if you try to install your packages so the package manager locked the resources so no other process can install during that time and yeah obviously also has ways to handle that this function also has the nice possibility to kill the package manager if the things take too long if are they okay I need to have this deployment done in like 10 minutes so I can spend five minutes of depth waiting for a package log and if then nothing happens I can just kill the package manager it's not very nice but you sometimes have to
resort to things like that as you have now seen what is possible I want to give you some best practice that we usually ploy when writing scripts that should be running on different platforms first we first use the op C script constants like the script path to
watch hard coding paths or something like where did I install that media put into variable and change it accordingly hard coding paths even if you just think okay I'm just writing this for Linux now there may be the day when you need to change audio scripts because you're hard-coded paths and you nowadays want to run this on Windows it happens to make things easier here adoptive script will do an auto conversion of this letters in the path so you don't have to worry about this is a forward slash or is it a backward slash because lopsy will handle it for you when the downside one thing you can't do it with this is
you can't put slashes in filenames if you want to okay I'm fine with that if you're using opportunity to mention systems it's very good idea to use the functions of super writes because they usually are cross-platform you don't have to think about what its system in Arango running on and they just work there are some special things like to read the registry access I mentioned earlier this of course that nas does not work on Linux but nobody expected to also it's a good thing to share your libraries and talk with others I learned very very much with just talking to people and seeing how they are handling scripts and this is something I think everyone should do to extend a notch so if you're not already convinced why you should maybe use obscene ops works great in different environments also environments that may not be up to today's standards you you may face the system where you don't have any ns you can run op C in multiple locations with just one management management server that's that's great if you're for example having a university like this and you want to have each billing treatment treat me as a whole ucation because maybe the science lab for maths requires something else like the one the by a lot biologists requires I'm pretty active you can use op C as a really huge solution that's okay op C is very well the trial we use of see a lot at work we for example Meredith Jenkins to do automated testing and part of why that's possibility of maybe I and you can also extend the API with your own custom functions if you know a little bit of patent so what now if you need to up C and you thought this wasn't so uninteresting but you here today I said just try it have a look share experiences we have great community of ops users talk to them talk to us I'm very interested in feedback and if you're already using op C why not people try to automate op C a little bit more and to integrated into systems this all works because of yeah the open API we've dead let I want to give a small small roadmap and what we're up to we are wanting to improve the Linux support even further the administration tools and do some cleanup and refactorings and my personal roadmap lasts lots of our I want to move more things to get we started as an company using SVM and I nowadays when to go to gift and I want to improve the work of the community and maybe a provider community contribute to the License Agreement and as my times up yeah yeah I'm still around here if there are any questions I can't answer now yep photos is actually not being a sported much but we just recently had someone asking for it so I'm looking to it for the client side I think or for the server side okay yeah more questions then thanks for time thank you
Loading...
Feedback

Timings

  455 ms - page object

Version

AV-Portal 3.21.3 (19e43a18c8aa08bcbdf3e35b975c18acb737c630)
hidden