Sun Network Management Products

Since its inception, Sun Microsystems has been heavily involved with network computing. Therefore, it's no surprise that the company has produced the leader in network management software products, the Solstice Domain Manager suite, described in detail in this section.

The products being described in this section do not all merely show different ways of doing the same thing. They each have a separate purpose, as follows :

• Solstice Domain Manager manages the entire network of computer systems, whereas Solstice Site Manager carries out the same functions but on a smaller, single-site basis.

• The Solstice Bandwidth Manager product ensures that mission-critical applications are guaranteed the necessary network priority to meet processing deadlines.

• Solstice Adminsuite is a set of tools for carrying out system administration tasks on multiple Solaris systems.

When these Sun products are used together, they provide all the necessary functionality to monitor and manage a Solaris installation, from a small site to a large enterprise.

Solstice Site Manager

The Solstice Site Manager software product is built upon the proven SunNet Manager software and can effectively manage up to 100 separate nodes. It addresses the issue of managing smaller computing environments based on a single site. The product is fully scalable and runs the same application, database, and user interface on all Sun platforms, whether a small SPARCstation or a large ULTRA enterprise server.

A typical view as seen by the administrator is shown in Figure 14.1.

Solstice Site Manager includes the entire functionality from SunNet Manager as well as a limited version of the Cooperative Consoles software. The following sections describe the capabilities of Solstice Site Manager.

Network Discovery and Layout Tools

This tool automatically finds devices on the network, enters the details in the database, and creates an icon on the top-level view. The information entered includes at least the IP address of the discovered device. However, it uses this to name the device, which is not always desirable; a hostname normally is used to identify a system on the display. When in the database, a discovered object can be managed by the software and made subject to data and event requests .

This facility is useful because it identifies any new (and possibly unauthorized) devices that have been connected to the network. It is also very network- intensive , so some care should be taken about when this utility is run to avoid affecting the user community.

The layout tool attempts to lay out the screen in a meaningful way, having discovered the visible devices on the network. The layout tool reads the information in the management database and automatically places the objects and connections in one of three layout styles:

• Hierarchical ”The elements are organized into a hierarchy of subnetworks.

• Circular ”This style organizes subnetworks into circles.

• Symmetric ”The elements are laid out in a uniform symmetric distribution on the top-level screen.

Inherited from Children

A feature of the original SunNet Manager is that the status of managed objects is passed upward through the hierarchy of user-defined views. For example, a single workstation in the sales department, located in Building1 and displaying a problem, will be noticed on the console screen several levels higher, where the whole site is displayed only as a number of buildings . The administrator then traverses through the views, to the building and then the department within the building, and so on, to locate the troubled system and deal with the problem.

Request Management Software

Data requests and event requests are sent to managed remote nodes and are handled through the request management software. Data requests gather specific data, such as disk capacity information or processor usage, for later analysis, whereas event requests set tolerances to be monitored . An alarm is raised if a tolerance is exceeded; the action to be taken and the form of the alarm are entirely user-configurable. Figure 14.2 shows an event request being initiated.

In Figure 14.2, an event request is being submitted to monitor the CPU idle time on a database server, GoldDB1. It checks the system every 60 seconds to see if the idle attribute is less than 10% ”that is, to see if the CPU is more than 90% busy. If this is true, then a mail message is sent to the root user, the icon for GoldDB1 will turn red (as defined by the attributes Glyph Effect and Priority), and the script /usr/local/monitor_detail.sh will be executed. By default, the priority colors are yellow for low priority, amber for medium priority, and red for high priority, although these can easily be changed. My own personal preference is to always create the managed objects with a color of green, symbolizing "go ”no problems." The icon will change from its initial color only if an event is triggered.

Another useful feature is the "pending" state. When an event criteria is met, the icon is changed to a specified color (different from the three priorities); further event notifications for this device are suspended so that the administrator does not continually receive event alarms for the same device. When the problem has been rectified, the administrator can manually change the Glyph State to normal, and the events automatically start monitoring the device again.

Proxy Agents

One of the best features of the product is the proxy agents. Here, the Site Manager console delegates event requests to designated proxy systems. The result is that the proxy system polls the managed object (instead of the management console) and reports back to the console only when a threshold is exceeded or a test condition is met. This reduces the amount of network traffic that passes between the console and the managed objects. Proxy agents are normally local to the managed objects to reduce traffic further. Figure 14.3 demonstrates this kind of configuration.

Browser and Grapher Tools

The Browser tool provides access to the data that has been collected via data requests. The information is organized into individual streams, which contain the output from each data or event request for a specific device. Data that has been gathered can be viewed using this tool or can be selected for display using the Grapher tool.

The Grapher tool provides the administrator with the facility to view data graphically, either in 2D or 3D graphs. When a data request is submitted, the option exists to have the results sent straight to the Grapher tool. In this case, a cumulative graph will be created and updated as new data is received. The Grapher tool also accepts data that has been stored by the Browser tool. Figure 14.4 shows a cumulative graph from a data request monitoring CPU usage over a period of time.

When a graph has been created, it is managed by the Grapher tool and can be merged easily with other graphs to create new graphs containing the composite data from the original graphs. Figure 14.5 shows the Grapher tool display.

This feature is useful because it allows graphical comparisons between multiple systems. Figure 14.6 displays the merged graph created from the data in Figure 14.5.

Novell NetWare Support (IPX Discover)

Solstice Site Manager can centralize network management by using the NetWare Management Agent (NMA), an SNMP agent sold by Novell that resides on NetWare servers running TCP/IP. This agent allows Site Manager to manage the NetWare server's file system, print queues, and users. Site Manager also can import the topology details from a Novell ManageWise network management console and can use this to view the PCs on the NetWare LAN as a separate view from the systems it is already managing.

Solstice Domain Manager

Solstice Domain Manager is the tool to use for large or multisite network management of Solaris systems, although it also manages multivendor environments. The software is designed to manage up to 10,000 separate nodes.

The Domain Manager software includes all the tools present in Solstice Site Manager, but there is no restriction on the number of managed nodes. In addition, it comprises the full version of Solstice Cooperative Consoles so that it can send and receive information to other consoles. Solstice Domain Manager is designed for use in large installations so that multiple Solstice Site Manager consoles can feed information into a Solstice Domain Manager, or even multiple Solstice Domain Manager systems. These can be configured as peer-to-peer devices, enabling shared administration capabilities, if required. Figure 14.7 shows how a typical configuration might connect multiple Solstice Site Manager consoles.

A significant benefit of using a product such as Solstice Domain Manager is that multiple sites can be managed from a central console. This feature can be utilized to good effect, particularly during out-of-business hours, when there might not be any staff present at any of the remote sites.

Solstice Domain Manager meets the majority of the requirements for network management. However, more than 300 applications run on Solstice Site Manager and Domain Manager, providing additional network management capabilities and data analysis.

Solstice Cooperative Consoles

The Cooperative Consoles product is provided as part of Solstice Site Manager and Solstice Domain Manager. The Site Manager version is restricted in that it can send information only to another management console; it cannot receive information and act as a domain manager. The Solstice Domain Manager version contains a full release of Cooperative Consoles, allowing it to both send and receive information from other management consoles.

The real power of Solstice Domain Manager is that multiple domain managers can be flexibly configured to share information. Each console can be configured as a peer-to-peer console, allowing each to have equal access to the other so that they can monitor and control each other's resources, such as multiple Solstice Site Manager consoles. Alternatively, a Domain Manager console can be configured to receive from multiple management consoles but not to send information to them, making it a super network management console, as demonstrated in Figure 14.8.

This facility is used particularly where sites might manage their own network during business hours but pass to a central network management console for out-of-hours monitoring and management. The out-of-hours console might act as the master for multiple sites but would not return information about its own activities to any other consoles.

Solstice Enterprise Manager

This is a product for managing large enterprises and complex networks. It is aimed directly at telecommunications and Internet service providers (ISP). It is probably not a product that the Solaris system manager would expect to use, unless working in these specific areas of business.

Enterprise Manager is mentioned here because, using the Cooperative Consoles software, it facilitates connecting Solstice Domain manager and Solstice Site manager consoles to Solstice Enterprise Manager for large-scale network and system management. Enterprise Manager is used to isolate complex system or network problems, resulting in speedier resolution and maintenance of high availability for customers.

Customization of Solstice Site/Domain Manager

Many organizations are happy with the facilities provided by Solstice Site and Domain Manager, but a few customizations can be made to enhance the usefulness of the product and to tailor it more specifically to the needs of the business.

I used SunNet Manager, the foundation of Solstice Domain and Site Manager, to define customized object types. The newly created objects were subsequently treated as a unit so that, for example, a single event and data request could be initiated on every system of this designated type. Also, I added extra functionality to the Tools menu so that housekeeping and administration tasks could be carried out from the same central management position. SunNet Manager was successfully implemented to manage and administer 15 large Sun servers and 300+ workstation clients .

The file in which to make these additions is /opt/SUNWconn/snm/struct/elements. schema, by default. This file defines all the known object types, as well as the commands available from these objects and the icons used to identify them. The elements.schema file can be edited using a standard text editor, such as vi.

To add a new object, you must edit three sections within the file, one to create a new record for the component, one to specify the icon to use, and one to declare the commands that the object type can run.

An abbreviated example of the relevant sections of the elements.schema file is shown in Listing 14.1, demonstrating the changes that need to be made to add a new data object type of DB-server.

Listing 14.1 Abbreviated Version of the File elements.schema Showing the Values for a Default Type, sun-server, and a New Type, DB-server

 ##################  # COMPONENTS  #  record component.sun-server (                  # generic sun server          string[64]      Name          string[40]      IP__Address          string[40]      User          string[40]      Location          string[80]      Description          string[40]      SNMP_RdCommunity          string[40]      SNMP_WrCommunity          string[64]      SNMP_Vendor_Proxy          int             SNMP_Timeout        string[256]       SNMP_SysObjectId        string[40]        Physical_Address        string[60]        Created_by_cc          string[64]      __groupId_Layout  )  record component.DB-server (                   # Database server          string[64]      Name          string[40]      IP__Address          string[40]      User          string[40]      Location          string[80]      Description          string[40]      SNMP_RdCommunity          string[40]      SNMP_WrCommunity          string[64]      SNMP_Vendor_Proxy          int             SNMP_Timeout        string[256]       SNMP_SysObjectId        string[40]        Physical_Address        string[60]        Created_by_cc          string[64]      __groupId_Layout  )  .  .  .  instance elementCommand ( (component.sun-server     "Remote login..."  "$SNMHOME/bin/snm_cmdtool  rlogin  %Name")          (component.sun-server     "Telnet to Host..." "$SNMHOME/bin/snm_cmdtool  telnet %Name")                 (component.sun-server          "DB check..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/dbcheck %DBINST")          (component.sun-server          "FS check..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/fscheck %Name")          (component.sun-server          "USER check..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/usercheck %Name")          (component.sun-server          "Start Backup..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/start_backup %Name")          (component.sun-server          "Monitor Backup..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/mon_backup %Name")  (component.DB-server      "Remote login..."  "$SNMHOME/bin/snm_cmdtool rlogin  %Name")          (component.DB-server     "Telnet to Host..."   "$SNMHOME/bin/snm_cmdtool  telnet %Name")         (component.DB-server          "DB check..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/dbcheck %DBINST")          (component.DB-server          "FS check..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/fscheck %Name")          (component.DB-server          "USER check..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/usercheck %Name")          (component.DB-server          "Start Backup..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/start_backup %Name")          (component.DB-server          "Monitor Backup..."  "$SNMHOME/bin/snm_cmdtool $SCRIPT_DIR/mon_backup %Name")  )  .  .  .  #  # Glyphs for components  #  instance elementGlyph( ( component.sun-server          sunserver2.icon)  ( component.DB-server          DBserver.icon)  ) 

Figure 14.9 shows the newly created object being displayed on a Solstice Domain Manager screen and the commands that are now available to be run.

Solstice Bandwidth Manager

The Bandwidth Manager product is discussed here because it is sometimes necessary for the system manager to guarantee either delivery of information or an acceptable response time. Although the management of the network bandwidth is primarily the responsibility of the network manager, the system manager should identify priority or mission-critical applications that need to be guaranteed a minimum bandwidth to ensure that the high level of service is maintained .

Solstice Bandwidth Manager allows the available network bandwidth to be allocated to either a particular type of service (such as Telnet, FTP, or HTTP) or a specific department or customer. A series of rules dictate how the bandwidth is allocated, but flexibility is allowed, for example, if there is spare capacity when an application has used all its allocation.

This product comes with monitoring and statistics collection so that accurate usage and performance figures can be recorded. These can also be used to help determine whether SLA targets have been achieved or whether the allocation of bandwidth needs to be changed to make better use of the available resource.

Solstice Adminsuite

Solstice Adminsuite is a collection of commands and graphical tools that together enable the system administrator to carry out tasks on remote systems from a central location. Adminsuite is delivered as part of the Server release of the Solaris operating environment; it provides the functionality for managing users, groups, hosts , printers, disks and file systems, system configuration files, terminals, and modems. Admintool is a similar tool that allows basic administration of the local host only, without the host or disk and file system management aspects.

Figure 14.10 shows the initial screen that is displayed when the tool is launched.

Solstice Adminsuite contains a number of applications, briefly described here:

• Host Manager ”The Host Manager is used to manage clients and hosts on the network. Using this application, an administrator can add or delete operating system services, create AutoClient configurations, and set up remote install servers, such as those used for Jumpstart configurations.

• Storage Manager ”There are two components of this application, Disk Manager and File System Manager. Together, they allow partitioning and formatting of drives as well as the creation and maintenance of file systems, including making them available via NFS to other remote systems.

• Database Manager ”This application allows editing and management of the main configuration files, such as the hosts file and others within the /etc/ directory. The facility is available for the local system, remote systems, and an entire NIS domain, if present.

• User Manager ”This application provides user account management and enables defaults to be set for handling password aging, identifying the user's email server, and setting the login shell.

• Group Manager ”When a name service is being used, the Group Manager can add, modify, or delete groups for the NIS domain. If no name service is in use, it can be used to edit the /etc/group files on remote systems.

• Serial Port Manager ”This application is used to install and manage the services for terminals or modems. All necessary files are created by the application, and standard template configurations are also provided to make the setup procedure easier.

• Printer Manager ”With this application, you can install, modify, and delete printers on a Solaris LP server. The printers can also be centrally managed if a name service, such as NIS, is being used. In this way, printers become available to all clients running the SunSoft print client software.