Yet another failed attempt at using SNMP for monitoring application-level services led me to WS-Management, an HTTP/SOAP-based protocol meant to replace SNMP. DS-Management might not be the first protocol to attempt usurping SNMP, but this one looks promising. Widespread support and implementation is claimed by Microsoft, and a reasonably mature open-source implementation -- Openwsman -- is sponsored by SuSE.
Documentation for Openwsman unfortunately seems rather lacking. It took some poking around, but I was able to get a basic client-server session going under openSUSE 10.3. Here's how:
First, add the development channel for openwsman and install the openwsman packages:
- sudo smart channel --add http://download.opensuse.org/repositories/home:/kwk:/Management/openSUSE_10.3/home:kwk:Management.repo
- sudo smart update home_kwk_Management
- sudo smart install openwsman openwsman-client openwsman-server wsmancli openwsman-yast
If you run into PGP key problems, try disabling PGP key checking first:
- smart config --set rpm-check-signatures=false
The openwsman-server package installs openwsmand -- a stand-alone server providing WS-Management services. We'll need to configure the authentication system before running the server. I was unable to get things going with the default Basic authentication, but Digest worked for me:
- htdigest2 -c /etc/openwsman/digest_auth.passwd OPENWSMAN admin
- Adding password for admin in realm OPENWSMAN.
- New password: test
- Re-type new password: test
Now edit the Openwsman config file to use Digest authentication. The config file is under /etc/openwsman/openwsman.conf and should be altered to look something like this (note that we've uncommented the 'digest_password_file' option):
- [server]
- port = 8889
- #ssl_port = 8888
- ssl_cert_file = /etc/openwsman/servercert.pem
- ssl_key_file = /etc/openwsman/serverkey.pem
- digest_password_file = /etc/openwsman/digest_auth.passwd
- #basic_password_file = /etc/openwsman/simple_auth.passwd
- min_threads = 4
- max_threads = 10
- #use_digest is OBSOLETED, see below.
- #
- # Authentication backend for BASIC authentication. Default is to read a configuration file defined with 'basic_password_file'
- #
- basic_authenticator = libwsman_pam_auth.so
- basic_authenticator_arg = openwsman
- [client]
- port = 8889
- agent = openwsman 0.6.0
- #
- # settings for the CIM plugin
- #
- [cim]
- default_cim_namespace = root/cimv2
- # The following are in part fake namespaces for some publicly available CIM implementations.
- vendor_namespaces = OpenWBEM=http://schema.openwbem.org/wbem/wscim/1/cim-schema/2,Linux=http://sblim.sf.net/wbem/wscim/1/cim-schema/2,OMC=http://schema.omc-project.org/wbem/wscim/1/cim-schema/2
- # CIMOM host, default is localhost
- # host = localhost
- # CIMOM port, default is 5988
- # port = 5988
Okay, now we can run the server:
- sudo /usr/sbin/openwsmand -d
We can now connect to the server using a few simple Ruby commands. Open an interactive ruby session (using irb) and enter the following:
- require 'rwsman'
- client = WsMan::Client.new('http', 'localhost', 8889, '/wsman', 'admin', 'test')
- client_opt = WsMan::ClientOption.new
- identify = client.identify(client_opt)
- puts identify.rawxml
- <s:envelope s="http://www.w3.org/2003/05/soap-envelope" wsmid="http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd">
- <s:header>
- <s:body>
- <wsmid:identifyresponse>
- <wsmid:protocolversion>http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd</wsmid:protocolversion>
- <wsmid:productvendor>Openwsman Project</wsmid:productvendor>
- <wsmid:productversion>1.5.9</wsmid:productversion>
- </wsmid:identifyresponse>
- </s:body>
- </s:header>
- </s:envelope>
The identify object returned by the client also exposes product_version, protocol_version, and product_vendor methods that return their respective values from the parsed XML data.
With the YAST plugin installed, Openwsman can access diagnostic information about your SuSE system. For example try this:
- client_opt.property_add('ycp', '{ import "SuSERelease"; return SuSERelease::ReleaseInformation("/"); }' )
- result = client.invoke('http://schema.opensuse.org/YaST/wsman-schema/10-3/YCP', 'eval', client_opt)
- puts "SUSE Version: #{result.body}"
No comments:
Post a Comment