Professional Documents
Culture Documents
C6 - PureApp in Production - HADR, Monitoring, Enterprise Security
C6 - PureApp in Production - HADR, Monitoring, Enterprise Security
PureApp in Production
Enterprise Security, Monitoring, and HA/DR
Session Number: C6
Bobby Woolf – PureStart Technical Account Manager
Kyle Brown – Distinguished Engineer, SOA and Emerging Technologies
• Enterprise security
Security roles
Workload access control
• Monitoring
Hardware
System
Middleware
• High availability and disaster recovery
High availability
Backup and restore
Disk replication
File replication
Shared disk
Enterprise Security
• Workload Console > Instances > Shared Services • Workload Console > Cloud > Shared Services
• Workload Console > Catalog > Database Workload • Workload Console > Cloud > System Plug-ins
Standards
• Workload Console > Cloud > Pattern Types
• Workload Console > Catalog > DB2 Fix Packs
• Workload Console > Cloud > Default Deploy Settings
• Workload Console > System > Troubleshooting
• Workload Console > System > Storehouse Browser
• System Console > Hardware • System Console > System > Job Queue
• System Console > Reports • System Console > System > Events
• System Console > System > Settings • System Console > System > Troubleshooting
• System Console > System > Customer Network • System Console > System > Problems
Configuration
• System Console > System > Product Licenses
Managing Patterns
• Clone, edit, and lock a pattern
User must have the Pattern creation role (i.e. Workload Management > Create new patterns)
User must have Write access to the pattern
• Delete a pattern
User must have the Pattern creation role
User must have All access to the pattern
Monitoring
• Why monitoring?
Every customer wants to know how to do it
None of them ever end up doing it*
• Monitoring goals (are rather subjective)
To be able to see what’s going on within a system
To be notified when something’s going wrong with a system
• 19th century essayists would’ve loved monitoring
“Lies, damned lies, and statistics” – Mark Twain
“Everybody complains about the weather, but nobody does anything about it.” -- Charles Dudley Warner
Monitoring is like a weather report for your system
• Three key features
1. Reports (Machine Activity; also Product Licenses)
2. Events (and Event Forwarding and external monitoring)
3. PureApplication System Monitoring Portal
Which means they already have external monitoring in their data center.
• Hardware
All components run ITM agents
Also, each compute node has an Integrated
Management Module (IMM)
Status shown in Infrastructure Map
• Middleware
Every VM runs an ITM OS agent
Tracks VM lifecycle and health status
WAS, DB2, IHS VMs include additional agents
Other ITM agents available separately
• System
Jobs: System management tasks
Events: Notifications of significant situations
Problems: Events to call support
Reports: Graphs showing resource usage
Product licenses: License compliance
Auditing: Log of administrative changes
• Jobs Queue
System Console > System > Jobs Queue
Jobs are system tasks to be performed asynchronously
IWD tasks (deploying, deleting) are a series of jobs
Optionally display internal jobs like configuring components
Some jobs, like backup, are blocking, which makes them exclusive
• Events
System Console > System > Events
ITM situations that are significant
Type: Different kinds of components like compute node and virtual machine
Severity: Fatal, Critical, Major, Minor, Warning, etc.
Category: Alert, Resolution, Call support, and Customer serviceable
• Problems
System Console > System > Problems
Events with the “Call support” category
Additional details suitable for adding to a PMR
• Reports
System Console > Reports
Machine Activity
• Graphs that show resource allocation and consumption
• Trend shows when usage will exceed capacity
• Ex: CPU, memory, and VMs by cloud group or compute node
• Ex: IP usage by IP group
User Activity: List of resources by user
Metering: For customers who pay based on CPU metering
Chargeback: Shows usage by user or group
IP Usage: Shows the resource using each IP address
• Product licenses
System Console > System > Product Licenses
Set license capacity, enforcement, and notification
View license usage
• Auditing
System Console > System > Auditing
Log of administrative changes and access to secure objects
Can be used to show HIPAA and SOX compliance
• A virtual system pattern instance’s VMs show CPU and memory usage
Workload Console > Instances > Virtual System
Select the instance, expand the Virtual Machines section
• PureApp shows monitored details for virtual machines
Workload Console > Instances > Virtual Machines
Shows events, jobs, usage of CPU, memory, disk, network
This is the VM equivalent of hardware monitoring
OS view
WAS view
DB2 view
Application
Data
RPO
Zero Seconds Minutes Hours Days time
1. System backup
Console feature backs up management software and system settings
Can only be restored on the same system at the same fix pack level
2. Cloud environment
Use CLI scripts to create IP groups, cloud groups, and environment profiles
Use properties files for data center-specific values
3. Workload components
Export patterns
Export any extended virtual images
May want to export pattern parts (i.e. script packages, add-ons, etc.) to CM separately
4. Application data
Back up applications’ internal state, such as databases, config files, and logs
Central coordination to develop general backup strategy (i.e. TSM), middleware-specific strategy (i.e. Portal
and ODM), sample scripts for pattern developer to emulate
Legal Disclaimer
• The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained
in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are
subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing
contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and
conditions of the applicable license agreement governing the use of IBM software.
• References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or
capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to
future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by
you will result in any specific sales, revenue growth or other results.
• If the text contains performance statistics or references to benchmarks, insert the following language; otherwise delete:
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will
experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage
configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.