RHEL7: How to get started with OpenLMI.

Share this link

OpenLMI Presentation

OpenLMI stands for Open Linux Management Infrastructure.

It’s a new way to manage a set of servers remotely from a unique client.

There are two configuration steps:

  • server side configuration that gives instructions to apply on a remotely managed server and
  • client side configuration that details instructions for the client.

Server configuration

To allow remote server management, you need to install the OpenLMI package:

[srv]# yum install -y openlmi

Then, you need to start the component in charge of receiving orders (the object broker pegasus):

[srv]# systemctl start tog-pegasus
[srv]# systemctl enable tog-pegasus

To be able to receive orders, the server firewall needs to be opened to WBEM port (Web-Based Enterprise Management):

[srv]# firewall-cmd --permanent --add-port 5989/tcp

Even though SELinux experts are working on it, it is still necessary to put SELinux in permissive mode for the time being:

[srv]# setenforce 0

Or, replace enforcing by permissive in the /etc/selinux/config file and reboot.

Finally, a password must be given to the pegasus user:

[srv]# passwd pegasus

Client configuration

To allow a client to manage a set of remote servers, you need to install the OpenLMI-tools package:

[clt]# yum install -y openlmi-tools

Then, you need to add a new yum repository in order to get the OpenLMI scripts easily:

[clt]# cd /etc/yum.repos.d
[clt]# wget "http://www.openlmi.org/sites/default/files/repo/rhel7/noarch/openlmi-scripts.repo"

Now, you can install the OpenLMI scripts:

[clt]# yum install "openlmi-scripts*"

To allow the client to connect to the server, you need to get the certificate of the remote server (called here srv):

[clt]# scp root@srv:/etc/Pegasus/server.pem /etc/pki/ca-trust/source/anchors/srv-cert.pem

Finally, the certificate needs to be added to the client truststore:

[clt]# update-ca-trust extract

Configuration test

To test the configuration, type the following command to connect to the server (called here srv) from the client:

[clt]# lmi -h srv
lmi> service show httpd.service
username: pegasus
password:
 Name=httpd.service
 Caption=The Apache HTTP Server
 Enabled=False
 Active=False
 Status=Stopped
lmi> exit

Or, alternatively:

[clt]# lmi -h srv service show httpd.service
username: pegasus
password:
 Name=httpd.service
 Caption=The Apache HTTP Server
 Enabled=False
 Active=False
 Status=Stopped

Sources: Russ Doty’s blog and OpenLMI website.

Additional Resources

In addition, you can watch the following videos:

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Leave a Reply

Upcoming Events (Local Time)

There are no events.

RHCSA7: Task of the day

Allowed time: 5 minutes.
Configure a cron task to write the uptime at 2PM every day.

RHCE7: Task of the day

Allowed time: 10 minutes.
Set up a default secure MariaDB database called maria and create a table named people with two columns respectively name varchar(20) and age int(10) unsigned.

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...