In May 2007 Novell ZENworks Linux Management 7.2 was awarded top honors as the Best Management Software or Service at Interop 2007. This latest release of ZENworks Linux Management extends the ability to deliver manageability to your Linux systems, so you can keep your devices up to date.
In this article, we'll talk about ZENworks Linux Management and how its latest features give you complete management of your Linux systems. We'll explore the architecture of this product and see how it works. We'll also show how it performs the tasks that you desire.
> ZENworks Linux Management Capabilities
ZENworks Linux Management provides, at a high-level, the following capabilities:
- hardware and software inventory of your managed devices
- software delivery and installation of your RPMs along with configuration of those installations
- policy enforcement on the device of your business rules
- remote management to assist in troubleshooting issues
- Quick Tasks to allow you to functionally perform actions on devices in the system
- Imaging and device provisioning
Let’s first examine the ZENworks Linux Management architecture. Then we’ll work our way into its features and see how it all works together.
> ZENworks Linux Management Architecture
ZENworks Linux Management is built on the latest Web-services architecture to provide a stable and modular three-tiered system. The architecture consists of three components: database, Web-services and an agent. When the agent is installed on a device, it will register with the system by calling a Web service on the primary server. The Web service first collects information about the device. Then it creates an object in the database that represents the device in the system. ZENworks Linux Management 7.2 uses two systems to manage its database information. The first is eDirectory, because of its hierarchical strengths in management and ability to easily model relationships between objects. The other is postgres database. It holds information about inventory of the device and software packages (RPMs) you want delivered and installed on your managed systems. All the managed devices, including the ZENworks servers, are collectively called a management zone.
The Primary Server is the back-end server that presents all of the Web-services to the network. It is where ZENworks Linux Management is initially installed and where RPMs that will be delivered to your managed systems initially reside. The Primary Server also contains the ZENworks Control Center. That is the browserbased administration console you will use to manage your devices. Additionally, ZENworks Linux Management provides a commandline administration capability that allows you to perform common tasks via scripting.
A Secondary Server provides additional access points to devices beyond the single Primary Server. Secondary Servers allow ZENworks Linux Management 7.2 to scale to larger installations. Devices are redirected to a closer Secondary Server to retrieve packages held in its cache. RPMs you add to the system on the Primary Server are automatically replicated to all of your Secondary Servers in your management zone.
The agent is a software daemon that is installed on your managed devices. It communicates with the Primary Server to get instructions. Then the Primary and Secondary servers retrieve content to install on the device. The daemon has modular components that perform various functions for inventory, software installation, policy enforcement and remote management.
> Hardware and Software Inventory
Once a device is registered into the zone, ZENworks Linux Management performs a hardware and software inventory of that device. The inventory information is then passed up to a waiting Web-service, parsed and then inserted into the database. Subsequent inventory scans result in delta information updates sent back to the Primary Server. After the inventory information is inserted into the database, it can be used in reporting and identifying the device. Within the ZENworks Control Center you can view detailed inventory information. (see Figure 1.) The reporting system also allows you to create reports displaying hardware and software information.
> Software Delivery and Installation
The heart of ZENworks Linux Management is its ability to take RPM packages and deliver them to the targeted devices. One of the primary reasons to deliver software via ZENworks Linux Management is to keep systems up to date on the latest distribution or applications. ZENworks Linux Management has the ability to mirror content from several repositories and represent it in objects called catalogs on the system. It can mirror SUSE Linux and Red Hat updates directly from the source of these distributions.
When ZENworks Linux Management receives content, it creates objects in the system called Bundles. These bundles come in various flavors including Catalogs and RPM bundles. Bundles can also be manually created in the system. This allows you to create custom content bundles to be delivered to any targeted system. (see Figure 2.)
Once a bundle is created in the system, you can target a device. You do this by assigning the bundle to either a device, its parent folder or a group that the device is a member of. When the agent activates its refresh cycle, it calls a Web-service on the Primary server. It asks for information regarding any bundles that it is supposed to have. The resulting list is then compared with the delivered content on the device. If there are new bundles or updated bundles, the daemon will begin to download the RPMs associated them. Once they are brought to the device, the agent will proceed to install the RPMs onto the Linux device.
As you know, RPMs contain references to other RPMs that are listed as dependencies. Figuring out all of the dependencies can be a management nightmare for your average administrator. For example, RPM-x could depend on RPM-y which depends on RPM-w, etc. This dependency trail can quickly become unmanageable without the aide of ZENworks Linux Management. ZENworks Linux Management examines each of the RPMs and traces down all of the dependencies required. Next it compares the requirements to the currently installed set of RPMs. If a dependent RPM needs to be installed, ZENworks Linux Management will retrieve the dependent RPMs either from the assigned bundle or from the catalog assigned to the device. Thus catalogs become a repository of RPMs. If the dependency tree requires that exisiting RPMs be updated, they can be installed on a device. Once all of this calculation is done, ZENworks Linux Management downloads all additionally required RPMs. The installation is performed in the proper order to successfully install the desired RPM set.
Once a bundle is installed, any logging information, including errors, is sent to the Primary server for storage in the database. Thus, the administrator is alerted to any failures or warnings for the device.
ZENworks Linux Management will continue to monitor all bundles and constantly update the assigned devices. A new type of bundle, called a File Bundle, is included in the latest release of ZENworks Linux Management. The File Bundle delivers content to targeted devices and places it in assigned locations on the device.
The latest ZENworks Linux Management 7.2 also can receive Dell Update Packages. You can have them mirrored into the product and represented as bundles that you can apply to your Dell systems. ZENworks Linux Management 7.2 can also mirror from YUM repositories into the system.
> Policy Enforcement
An aspect of Linux management that is often overlooked is its enforcement of business policies on your Linux devices. ZENworks Linux Management lets you configure your business policies into the system and have them enforced on the management device. ZENworks Linux Management 7.2 includes the following policies.
Novell Linux Desktop policy
The Novell Linux Desktop policy lets you configure the Novell Linux Desktops in your enterprise environment. This includes enabling and disabling applets, background images and other components.
SUSE Enterprise Linux Desktop 10 policy
This new policy has been introduced to provide configuration of the SUSE Linux Enterprise Desktop 10 desktops. It is similar to how the Novell Linux Desktop Policy configured the Novell Linux Desktop system.
Remote Execute policy
The Remote Execute Policy lets you run any type of executable on the managed desktops in your environment. You can specify that these scripts or executables run based on date and time or events in the system.
Text File policy
With the Text File policy, the system can automatically edit any text file on the managed device. These changes can be actions, including regular expression searching and replacing; and prepending or appending lines to the file. You can also delete lines or text segments out of any line in the file.
The Epiphany Policy allows you to configure the settings for the popular Epiphany Web browser included with the GNOME desktop. You can lock down the Epiphany browsers on your devices in such ways as hiding menu bars; allowing or disallowing popups; disallowing loading of content for your specified set of unsafe protocols; configuring proxy settings for your systems.
With the Evolution Policy, you can configure your Evolution clients on each of your Linux devices. For example, you can turn off the following options from user access: use of Secure Socket Layer, Send and Receive mail configurations, and much more.
The GNOME Policy gives you full advance control over any GNOME setting you wish to administer and deliver to your Linux systems.
> Remote Management
ZENworks Linux Management includes the ability to perform remote operations such as remote control, remote view or even remote login into the device.
> Quick Tasks
Quick Tasks provide the ability to complete task-based activities within ZENworks Linux Management. These quick tasks include: creating and assigning a bundle or a policy, performing a remote management task and forcing a device to perform a refresh outside of it’s standard schedule.
> Imaging and Device Provisioning
ZENworks Linux Management can take and apply images that can be used for restoration or provisioning of new devices. You can request this imaging from the ZENworks Control Center. So, even if you’re remote, you can have it take or apply an image on it’s next reboot. The imaging system also provides a PXE server you can use to perform imaging tasks on the devices as they boot.
The award-winning ZENworks Linux Management can discover, scan, manage, provision and maintain Linux systems throughout your environment. Translation: it makes your job easier. Your systems stay up-to-date and you spend far less time managing them. For more information about ZENworks Linux Management and other ZENworks products visit novell.com/zenworks.