Advanced Ops Manager Topics
-
Upload
mongodb -
Category
Technology
-
view
226 -
download
0
Transcript of Advanced Ops Manager Topics
![Page 1: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/1.jpg)
![Page 2: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/2.jpg)
Ops Manager Advanced Administration
Cory MintzMichael Benoit
![Page 3: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/3.jpg)
LDAP and User Roles
![Page 4: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/4.jpg)
LDAP and User Roles
Why Use LDAP Integration?
● Users/groups already centrally managedo Active Directoryo OpenLDAP
● Complex password policies● Prevent new users from signing up
![Page 5: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/5.jpg)
LDAP and User Roles
Mapping Ops Manager to LDAP
● Login Attribute○ uid○ username○ email address
● Group(s) attribute
![Page 6: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/6.jpg)
LDAP and User Roles
Sample LDAP Configurationmms.ldap.url=ldap://127.0.0.1:389
mms.ldap.bindDn=CN=_search_
mms.ldap.bindPassword=password
mms.ldap.user.baseDn=OU=Users,O=MongoDB
mms.ldap.user.searchAttribute=emailAddress
mms.ldap.user.group=groups
![Page 7: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/7.jpg)
LDAP and User Roles
Sample Global Roles Configurationmms.ldap.global.role.owner (required)
mms.ldap.global.role.automationAdmin
mms.ldap.global.role.backupAdmin
mms.ldap.global.role.monitoringAdmin
mms.ldap.global.role.userAdmin
mms.ldap.global.role.readOnly
![Page 8: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/8.jpg)
LDAP and User Roles
Adding Users and Groups
New users can not register
![Page 9: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/9.jpg)
LDAP and User Roles
Adding Users and Groups
Users in baseDN, but not belonging to any groups cannot sign in
![Page 10: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/10.jpg)
LDAP and User Roles
Adding Users and Groups
Global User Admins can create new groups
![Page 11: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/11.jpg)
Alerts
![Page 12: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/12.jpg)
Alerts
Global and System Alerts
ALERTS
SYSTEM ALERTS
Backing DatabaseBackup Daemons
GLOBAL ALERTS
GROUP ALERTS
Agents Users Hosts Backups Clusters
![Page 13: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/13.jpg)
Alerts
Global and System Alerts UI
![Page 14: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/14.jpg)
Alerts
Global and System Alerts UI
![Page 15: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/15.jpg)
Alerts
Webhook Notifications● Integrate with your internal systems● POST alert events and state changes● Same JSON format as Public API’s Alert resource
![Page 16: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/16.jpg)
Alerts
Setup a Webhook
![Page 17: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/17.jpg)
Alerts
Notify a Webhook
![Page 18: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/18.jpg)
Alerts
Anatomy of a Webhook RequestPOST /path/to/your/handler HTTP/1.1Content-Type: application/jsonX-MMS-Event: alert.openX-MMS-Signature: cbd76abcdf4627dfabcd…...
{ "id": "589bdcfd71735c5d00c9471", "groupId": "3718c7387c8457287cbdfa83", "typeName": "AGENT", "eventTypeName": "MONITORING_AGENT_DOWN", "status": "OPEN", "created": "2015-06-01T12:34:56Z", ...}
![Page 19: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/19.jpg)
Alerts
Webhook Handling Examplesignature = hmac_digest(request.body, 'Bosco!')if signature != request.header('X-MMS-Signature'): exit('Could not validate webhook request')
alert = request.entityevent = request.header('X-MMS-Event')
if event == 'alert.open': if alert.eventTypeName == 'MONITORING_AGENT_DOWN': restart_monitoring_agent()
else if event == 'alert.close': if alert.eventTypeName == 'MONITORING_AGENT_DOWN': self.pat_on_back()
![Page 20: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/20.jpg)
Alerts
Enabling Twilio for SMStwilio.account.sid=xxxxxxxxxxxxxxxxxxx
twilio.auth.token=yyyyyyyyyyyyyyyyyyy
twilio.from.num=1234567890
![Page 21: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/21.jpg)
Alerts
Verifying Twilio
● Send a test SMS message
● Now, you can see additional SMS notification options
![Page 22: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/22.jpg)
Multi-Datacenter Backup
![Page 23: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/23.jpg)
Multi-Datacenter Backup
What does Multi-Datacenter mean?● Geographically distributed corporate owned DCs● Corporate owned DCs combined with cloud hosted (AWS,
Rackspace, etc.)● Single DC with several virtual networks
![Page 24: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/24.jpg)
Multi-Datacenter Backup
Setup 1: One Instance
All Ops Manager components in a single DCPros● Fewest Ops Manager Components● Easier to get started● Easier to maintain
Cons● Bandwidth costs between DCs● Restores need to go over network● All groups on a single set of hardware
![Page 25: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/25.jpg)
Multi-Datacenter Backup
Setup 1: Diagram
![Page 26: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/26.jpg)
Multi-Datacenter Backup
Setup 2: Multiple InstancesPros● Each instance still simple to setup● Less bandwidth use● Restores local
Cons● Multiple systems to manage● Duplicated configuration● More upgrades
![Page 27: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/27.jpg)
Multi-Datacenter Backup
Setup 2: Diagram
![Page 28: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/28.jpg)
Multi-Datacenter Backup
Setup 3: One Instance w/ Group Pinning● The best of both world● Single Ops Manager instance● Backup “stack” in each DC● Pin each Ops Manager group to a “stack”
![Page 29: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/29.jpg)
Multi-Datacenter Backup
Setup 3: Diagram
![Page 30: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/30.jpg)
Multi-Datacenter Backup
Setup 3: UI
![Page 31: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/31.jpg)
Multi-Datacenter Backup
Setup 3: UI
![Page 32: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/32.jpg)
Public API
![Page 33: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/33.jpg)
Public API
Overview
● RESTful interface to Ops Manager features● Must be enabled for each group● Users have API keys● HTTP Digest Authentication● JSON throughout (pretty printing optional)● Access to certain endpoints is restricted to an IP whitelist
![Page 34: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/34.jpg)
Public API
Step 1. Enable
![Page 35: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/35.jpg)
Public API
Step 2. Keys and Whitelist
![Page 36: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/36.jpg)
Public API
Step 3. Code!// Script to pull a backup of the last snapshot using the Ops Manager Public APIgroupId = 'cbdf73827d0c0a9d9c4d6623'
// Get a list of clusters
clusters = api_get('${groupId}/clusters')
// Find the cluster entity for the replica set named myReplSet
myReplSet = clusters.find_first( c -> c.replicaSetName == 'myReplSet' )
// Get all snapshots for the cluster
snapshots = api_get('${groupId}/clusters/${myReplSet.id}/snapshots')
// The last one is the most recent
lastSnapshot = snapshots[snapshots.length - 1]
![Page 37: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/37.jpg)
Public API
Step 3. Code!// Create a restore job for the last snapshot
// NOTE: a replica set only creates one restore job
restoreJobs = api_post(
'${groupId}/clusters/${myReplSet.id}/restoreJobs',
{ 'snapshotId': lastSnapshot.id } )
restoreJob = restoreJobs[0]
// Poll every 30 seconds until the restore job status is FINISHED
do {
sleep(30)
restoreJob = api_get(
'${groupId}/clusters/${myReplSet.id}/restoreJobs/${restoreJob.id}'
} while (restoreJob.statusName != 'FINISHED')
![Page 38: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/38.jpg)
Public API
Step 3. Code!// Restore ready, so download the .tar.gz file
http_get(restoreJob.delivery.url, 'myReplSet.tar.gz')
// Get the hash and verify the integrity of the downloaded file
restoreJob = api_get(
'${groupId}/clusters/${myReplSet.id}/restoreJobs/${restoreJob.id}')
serverHash = restoreJob.hashes[0].hash
myHash = sha1_hash('myReplSet.tar.gz')
assert(serverHash == myHash)
// Restore succeeded!
// Now uncompress it, shutdown mongod, copy data files, and restart
![Page 39: Advanced Ops Manager Topics](https://reader034.fdocuments.in/reader034/viewer/2022050907/55b76a04bb61ebba688b47d5/html5/thumbnails/39.jpg)
Thank You!