All Products
Search

This Product

    Bastionhost:Automatic O&M

    Document Center

    Bastionhost:Automatic O&M

    Last Updated:Jul 11, 2024

    You can create O&M tasks and configure O&M rules, such as O&M cycles and O&M scripts, to enable automatic O&M operations on hosts. This improves O&M efficiency. This topic describes how to create and execute an O&M task.

    Prerequisites

    Limits

    • The execution period of a single O&M task cannot exceed 24 hours. Otherwise, the connection for task is closed.

    • The number of host accounts that are associated with a single O&M task cannot exceed 200.

    • The total number of O&M tasks that can be configured and the maximum number of concurrent O&M tasks vary based on the specification of your bastion host. The following table describes the details.

      Note

      O&M tasks of all states, such as Pending Approval, Running, and Successful, are counted when the system calculates the number of tasks.

      Assets

      Total number of tasks configured

      Maximum number of tasks started

      50

      200

      200

      100

      200

      500

      1000

      500

      1,000

      2,000

      5,000

      2000

      1000

      10,000

      20,000

      5000

      2000

    Procedure

    If you use a Resource Access Management (RAM) user to create O&M tasks, you must go to the console of your bastion host. If you do not use a RAM user to create O&M tasks, you must use the O&M portal of your bastion host.

    RAM user

    1. Log on to the Bastionhost console. In the top navigation bar, select the region in which your bastion host resides.

    2. In the bastion host list, find the bastion host that you want to manage and click Manage.

    3. In the left-side navigation pane, choose Asset O&M > O&M Tasks.

    4. Optional. Create an O&M script.

      1. On the Script Management tab, click Create O&M Script.

      2. In the Create O&M Script panel, specify the name and content of the O&M script and click Create O&M Script.

        Note

        • The script name must be 1 to 128 characters in length, and can contain letters, periods (.), underscores (_), hyphens (-), and spaces. The name cannot start with a special character.

        • The script size can be up to 64 KB. Only shell commands are supported.

        • O&M engineers can create only private scripts. To create public scripts, contact the administrator.

    5. On the O&M Tasks tab, click Create O&M Task.

    6. On the Create O&M Task page, configure the parameters that are described in the following table and click Create O&M Task.

      Important

      • After the O&M task is created, it is in the Pending Approval status. After the task is approved by the administrator, its status changes to Pending. For more information about how to review an O&M task as an administrator, see Review tasks.

      • If the administrator enables Automatic Approval of O&M Tasks, the O&M tasks created by O&M engineers are automatically approved for execution. For more information, see Configure O&M settings.

      Parameter

      Description

      Task Name

      The custom task name. The task name must be globally unique.

      The task name must meet the following requirements:

      • It must be 1 to 128 characters in length.

      • It cannot start with a special character.

      • It can contain letters, periods (.), underscores (_), hyphens (-), and spaces.

      Execution Method

      The method to execute the O&M task. Valid values:

      • Manual: The O&M task must be started manually.

      • Periodic: The O&M task is executed at the date and time that you specify for Executed At and at the frequency that you specify for Period. Valid values for Period: 1 to 720 hours or 1 to 30 days.

      • Scheduled: The O&M task is executed at the date and time that you specify for Executed At.

      Note

      Manually started tasks have a higher priority than scheduled tasks and periodic tasks.

      Script Content

      The content of the O&M script. You can manually enter the script content or select a specific public or private script.

      Note

      • The script size can be up to 64 KB. Only shell commands are supported.

      • O&M engineers can create only private scripts. Only the administrator can create public scripts. For more information about how to create a public O&M script, see Manage O&M tasks.

      Associate Host Account

      The host account that is associated with the O&M task. Only a host account that the user is authorized to manage can be associated with the task. At least one of the following credentials of the account must be hosted on the bastion host: password, SSH private key, and shared key. For more information about how to authorize a user to manage a host account, see Authorize users or user groups to manage assets and asset accounts.

    Non-RAM user

    1. Log on to the O&M portal of your bastion host. For more information, see Log on to the O&M portal.

    2. In the left-side navigation pane, click O&M Tasks.

    3. Optional. Create an O&M script.

      1. On the Script Management tab, click Create O&M Script.

      2. In the Create O&M Script panel, specify the name and content of the O&M script and click Create O&M Script.

        Note

        • The script name must be 1 to 128 characters in length, and can contain letters, periods (.), underscores (_), hyphens (-), and spaces. The name cannot start with a special character.

        • The script size can be up to 64 KB. Only shell commands are supported.

        • O&M engineers can create only private scripts. To create public scripts, contact the administrator.

    4. On the O&M Tasks tab, click Create O&M Task.

    5. On the Create O&M Task page, configure the parameters that are described in the following table and click Create O&M Task.

      Important

      • After the O&M task is created, it is in the Pending Approval status. After the task is approved by the administrator, its status changes to Pending. For more information about how to review an O&M task as an administrator, see Review tasks.

      • If the administrator enables Automatic Approval of O&M Tasks, the O&M tasks created by O&M engineers are automatically approved for execution. For more information, see Configure O&M settings.

      Parameter

      Description

      Task Name

      The custom task name. The task name must be globally unique.

      The task name must meet the following requirements:

      • It must be 1 to 128 characters in length.

      • It cannot start with a special character.

      • It can contain letters, periods (.), underscores (_), hyphens (-), and spaces.

      Execution Method

      The method to execute the O&M task. Valid values:

      • Manual: The O&M task must be started manually.

      • Periodic: The O&M task is executed at the date and time that you specify for Executed At and at the frequency that you specify for Period. Valid values for Period: 1 to 720 hours or 1 to 30 days.

      • Scheduled: The O&M task is executed at the date and time that you specify for Executed At.

      Note

      Manually started tasks have a higher priority than scheduled tasks and periodic tasks.

      Script Content

      The content of the O&M script. You can manually enter the script content or select a specific public or private script.

      Note

      • The script size can be up to 64 KB. Only shell commands are supported.

      • O&M engineers can create only private scripts. Only the administrator can create public scripts. For more information about how to create a public O&M script, see Manage O&M tasks.

      Associate Host Account

      The host account that is associated with the O&M task. Only a host account that the user is authorized to manage can be associated with the task. At least one of the following credentials of the account must be hosted on the bastion host: password, SSH private key, and shared key. For more information about how to authorize a user to manage a host account, see Authorize users or user groups to manage assets and asset accounts.

    References

    • The O&M tasks created by O&M engineers can be executed only after the tasks are approved by the administrator. For more information about how to approve a task as an administrator, see Review tasks.

      If the administrator enables Automatic Approval of O&M Tasks, the O&M tasks created by O&M engineers are automatically approved for execution. For more information, see Configure O&M settings.

    • On the O&M Task Management page, the administrator can manage the automatic O&M tasks created by O&M engineers. For example, the administrator can view the details of the O&M tasks, and stop or delete the O&M tasks. The administrator can also create public O&M scripts for O&M engineers to use. For more information, see Manage O&M tasks.