Contents
Novell® has embraced the open standard strategies of Web-Based Enterprise Management (WBEM) proposed by the Distributed Management Task Force (DTMF). Implementing these strategies can substantially reduce the level of complexity associated with managing disparate systems in your network.
The following information describes a few of the components proposed by the DTMF standards. Understanding what these are and how they relate to each other can help you understand what OpenWBEM is and how you most effectively use it in your network.
Web-Based Enterprise Management (WBEM) is a set of management and Internet standard technologies developed to unify the management of enterprise computing environments. WBEM provides the ability for the industry to deliver a well-integrated set of standards-based management tools leveraging the emerging Web technologies. The DMTF has developed a core set of standards that make up WBEM:
A data model: the Common Information Model (CIM) standard
An encoding specification: CIM-XML Encoding Specification
A transport mechanism: CIM operations over HTTP
The Common Information Model (CIM) is a conceptual information model that describes management and is not bound to a particular implementation. This allows for the interchange of management information between management systems and applications. This can be either agent-to-manager or manager-to-manager communications that provide for distributed system management. There are two parts to CIM: the CIM Specification and the CIM Schema.
The CIM Specification describes the language, naming, and meta schema. The meta schema is a formal definition of the model. It defines the terms used to express the model and their usage and semantics. The elements of the meta schema are Classes, Properties, and Methods. The meta schema also supports Indications and Associations as types of Classes, and References as types of Properties.
The CIM Schema provides the actual model descriptions. The CIM Schema supplies a set of classes with properties and associations that provide a well understood conceptual framework within which it is possible to organize the available information about the managed environment.
The Common Information Model Object Manager (CIMOM) is a CIM object manager or, more specifically, an application that manages objects according to the CIM standard.
CIMOM providers are software that performs specific tasks within the CIMOM that are requested by client applications. Each provider instruments one or more aspects of the CIMOM's schema.
SUSE® Linux Enterprise Server contains the open source CIMOM from the OpenWBEM project.
The Web-Based Enterprise Management software selection includes a set of packages that contain basic Novell providers, including some sample providers, and a base set of accompanying Novell schemas.
As Novell moves forward with OpenWBEM and development of specific providers, it will provide tools that offer the following important features:
Efficient monitoring of network systems
Recording of alterations within existing management configurations
Hardware inventory and asset management
Understanding how the OpenWBEM CIMOM is set up and how to configure it can help you monitor and manage disparate systems in your network with more confidence and ease.
To set up OpenWBEM, select the Web-Based Enterprise Management software selection or pattern in YaST when you install SUSE Linux Enterprise Server or select it as a component to install on a server that is already running SUSE Linux Enterprise Server. This software selection includes the following packages:
cim-schema, Common Information Model (CIM) Schema: This package contains the Common Information Model (CIM). CIM is a model for describing overall management information in a network or enterprise environment. CIM consists of a specification and a schema. The specification defines the details for integration with other management models. The schema provides the actual model descriptions.
openwbem, Web Based Enterprise Management (WBEM) Implementation: This package contains an implementation of OpenWBEM. OpenWBEM is a set of software components that help facilitate the deployment of the Distributed Management Task Force (DMTF) CIM and WBEM technologies. If you are not familiar with the DMTF and its technologies, you can visit the DMTF Web site.
openwbem-base-providers: This package contains a Novell Linux instrumentation of base operating system components such as computer, system, operating system, and processes for the OpenWBEM CIMOM.
openwbem-smash-providers: This package contains a Novell Linux instrumentation of the Systems Management Architecture for Server Hardware (SMASH) providers for the OpenWBEM CIMOM.
yast2-cim, YaST2 - CIM Bindings: This package adds CIM bindings to YaST2 (YaST2 is the Graphical User Interface of the SUSE System Tools Manager). These bindings provide a client interface to the Common Information Model Object Manager (CIMOM).
This section includes the following information:
When Web-Based Enterprise Management software is installed, the daemon, owcimomd, is started by default. The following table explains how to start, stop, and check status for owcimomd.
The default setup of OpenWBEM is relatively secure. However, you might want to review the following to ensure access to OpenWBEM components is as secure as desired for your organization.
Secure Socket Layers (SSL) transports require a certificate for secure communications to occur. When OES is installed, OpenWBEM has a self-signed certificate generated for it.
If desired, you can replace the path for the default certificate with a
path to a commercial certificate that you have purchased or with a
different certificate that you have generated in the
http_server.SSL_cert =
setting in
the path_filename
openwbem.conf
file.
The default generated certificate is in the following location:
/etc/openwbem/servercert.pem
If you want to generate a new certificate, use the following command. Running this command replaces the current certificate, so Novell recommends making a copy of the old certificate before generating a new one.
As root in a console shell, enter sh/etc/openwbem/owgencert.
If you want to change the certificate that OpenWBEM uses, see Section 9.2.2, “Changing the Certificate Configuration”.
OpenWBEM is configured by default to accept all communications through a secure port, 5989. The following table explains the port communication setup and recommended configuration.
Table 9.2. Port Communication Setup and Recommended Configurations
If you want to change the default port assignments, see Section 9.2.3, “Changing the Port Configuration”.
The following authentication settings are set and enabled as the default for OpenWBEM in SUSE Linux Enterprise Server.
You can change any of the default settings. See Section 9.2.1, “Changing the Authentication Configuration”.
http_server.allow_local_authentication
= true
http_server.ssl_client_verification
= disabled
http_server.use_digest = false
owcimomd.allow_anonymous = false
owcimomd.allowed_users = root
owcimomd.authentication_module =
/usr/lib/openwbem/authentication/libpamauthentication.so
The OpenWBEM CIMOM is PAM enabled by default; therefore the local root user can authenticate to the OpenWBEM CIMOM with local root user credentials.
You can change any of the default settings. For more information, see Section 9.2.4, “Changing the Default Logging Configuration”.
By default, logging for OpenWBEM is set up as follows.
log.main.components = *
log.main.level = ERROR
log.main.type = syslog
This means that owcimomd logging is set up to go to the
/var/log/messages
file or to other
files depending on the configuration of syslogd
. It
logs all errors for all components (owcimomd).