® © 2006 ibm corporation usage of tpm for itm v6 agent install, upgrade and configuration mike...
TRANSCRIPT
®
© 2006 IBM Corporation
Usage of TPM for ITM V6 agent install, upgrade and configuration
Mike [email protected]
IBM Global Technology Services | Securities Industry Services
Agenda IBM Securities Industry Services (SIS)
SIS IBM Tivoli Monitoring (ITM) V6 Environment
SIS Tivoli Provisioning Manager (TPM) Environment
TPM Software Install and Upgrade Methods
ITM V6 Install, Upgrade with createNode, addSystem, updateAgent
Benefits from using TPM ITM V6 agent automation package
Demonstration Install of ITM agents on a server
Upgrade of ITM agents on multiple servers
Reporting of ITM agents versions
Uninstall for back out and server decommissioning
Stop, start and restart of ITM agents
ITM monitoring of TPM server
IBM Global Technology Services | Securities Industry Services
IBM Securities Industry Services (SIS)
SIS has been a division of IBM Global Services since 1967
Provides a comprehensive front and back office shared processing environment for Canadian banks and brokerage firms
Wealth management services used by about 60% of the Investment Dealers Association (IDA) of Canada member firms
Securities trade processing solutions
Client account positions and balances
Web based application can be used by investment advisors and investors for placing orders and viewing clients, accounts, orders, trades, transactions, securities and households
More information at http://www.ibm.com/services/ca/en/sis/
IBM Global Technology Services | Securities Industry Services
SIS ITM EnvironmentTEP –Tivoli Enterprise Portal (client)TEPS –Tivoli Enterprise Portal ServerTEMS –Tivoli Enterprise Monitoring ServerR-TEMS – Remote TEMSTEMA –Tivoli Enterprise Monitoring Agent
DB2
Hot Standby(Failover)
TEP Desktop Client
HTTP Browser
TEMAWindows / AIX / Linux on Intel / zSeries OS Agent v06.20.01.01ITM for DB2 Agent v06.20.01.01Omegamon XE for Messaging (MQ / WMB) v06.01.01.00ITM for Virtual Servers (VMWare ESX) v06.10.00.03Omegamon XE for z/VM & Linux 04.10.03.00
Host Escalation
Server
Auto Paging
Auto e-mail
Support
Teams
tcp 3660
tcp 1920
tcp 3660
R-TEMSz/OS
Remote TEMS Linux on z
Hub TEMS (Hot Standby)
Linux on zHUB TEMSLinux on z
TEPSLinux on z
tcp 3660
DB2 TEPS (Cold Standby)
Linux on z
tcp 3660
Omegamon XE Agents on z/OSOmegamon XE for z/OS (04.10.00.06)Omgeamon XE for Messaging (600)Omgeamon XE for DB2 PE and PM on z/OS (04.10.03.04)Omegamon XE for CICS on z/OS (04.10.00.04)Omgeamon XE for IMS on z/OS (04.10.00.04)Omegamon XE for Mainframe Network (04.10.03.00)Omegamon XE for Storage on z/OS (04.10.00.03)
DB2HADR
IBM Global Technology Services | Securities Industry Services
SIS ITM Environment Distributed operating systems of AIX, SLES Linux on z, RHAS Linux on Intel and Windows
Mainframe systems of z/OS and z/VM
ITM V6 OS Agents
m5 OMEGAMON XE on z/OS
lz Monitoring Agent for Linux OS
nt Monitoring Agent for Windows OS
qv Monitoring Agent for VMware ESX
um Universal Agent
ux Monitoring Agent for UNIX OS
vl OMEGAMON XE on z/VM and Linux
ITM V6 Middleware Agents
cp OMEGAMON XE for CICS on z/OS
dp OMEGAMON XE for DB2 PE and PM on z/OS
ip OMEGAMON XE for IMS on z/OS
s3 OMEGAMON XE for Storage on z/OS
mc WebSphere MQ Configuration Agent
mq WebSphere MQ Monitoring Agent
n3 OMEGAMON XE for Mainframe Networks
qi WebSphere Message Broker Monitoring Agent
ud Monitoring Agent for DB2
yn Monitoring Agent for WebSphere
IBM Global Technology Services | Securities Industry Services
SIS TPM Environment
Deployment of TPM started in January 2008
TPM 5.1.1 Fix Pack 1 Interim Fix IF00003 on SLES 9.0 Linux on z
TPM database on separate DB2 V8 SLES 9.0 Linux on z server with HADR to a standby DB2 server
SSH for Linux, UNIX and SMB/CIFS/DCE/RPC for Windows. TPM uses Remote Execution and Access (RXA) for agentless management of remote target computers using these protocols
sudo on Linux, UNIX used to permit a user, group to run certain commands as root or another user. /etc/sudoers entry for userid tpm to run all commands. Documented list of security controls approved by our security group and implemented
TPM workflow code of Device.ExecuteCommand will sudo sh for root or sudo su – userid if need to run script or command as another user
No Tivoli Common Agent (TCA) installed. TPM inventory scan supported for agentless
IBM Global Technology Services | Securities Industry Services
TPM Software Install and Upgrade Methods – Automation Packages
Usage of TPM automation packages to copy and execute scripts, commands
TPM executing script with product install, upgrade commands and response file. Script exits with non-zero return code if failure Installation code in sharable file system. No additional space requirements
for installation, patch tar files extracted on target computers. Prevent failures due to lack of filesystem free space and extra time copying, extracting tar file Installation code repository located in z/VM minidisks mounted read-write
on single Linux on z system for update. Mount read-only on other Linux on z systems for software install, upgrade deployments. Accessible on all networks
NFS server on a single Linux on z server in each network for AIX and Linux on Intel software install and upgrade deployments
Future possibility to use Samba on Linux on z server for Windows software install and upgrade deployments
Installation code tar, zip file in TPM file repository that is copied to target computers and extracted
IBM Global Technology Services | Securities Industry Services
TPM Software Install and Upgrade Methods – Software Package Block (SPB)
SPB from Tivoli Configuration Manager (TCM) can be installed with TPM and TPM for Software
SPB is created, updated with Software Package Editor and contains: Variables and conditions check. e.g. $(os_name) == AIX
System actions to check free disk space and restart computer
Program actions to install vendor package (Microsoft MSI, Linux rpm, etc.) or execute program, script
Software installable file. SPB is unzipped on target computer
Requires Tivoli Common Agent (TCA)
IBM products can include SPBs. ITM 6.2.1 create SPB package with: tacmd ExportBundles -t lz -o spb -p li6263 -e /myDir
Optional use of Scalable Distribution Infrastructure (SDI) with depot servers to reduce bandwidth usage, installation time when transferring data from SPBs over WAN
IBM Global Technology Services | Securities Industry Services
ITM createNode, addSystem, updateAgent
Populate ITM V6 agent installation code in ITM depot
Install Operating System (OS) agent with tacmd CreateNode Linux, UNIX computers require the usage of userid root and password.
Security policy can disallow remote root login
Install non-OS agents with tacmd addSystem
Upgrade a single agent product code with tacmd updateAgent Updating agents involves stopping any that are running, applying the
changes, and restarting them. With multiple agents on a server, extra time to stop and start agents
itmpatchagents can be downloaded from OPAL for instructions and script to scan and update group of agents with tacmd updateAgent
IBM Global Technology Services | Securities Industry Services
Benefits from TPM ITM V6 automation package Manual procedure to login to server, stop ITM agents, upgrade and start ITM
agents 15 minutes per server. For 30 servers is 450 minutes or 7.5 hours
TPM install of ITM V6 product with mode upgrade to group of servers 5 minutes per server with TPM default of executing 5 deployments at a time. For 30
servers is 30 minutes (Time saving per upgrade cycle is 44.5 hours) x (3 upgrade cycles per year) = 133.5
hours total times saving per year 136 hours for development of first automation package for ITM V6 agent. Return on
investment is 12 months after 3 upgrade cycles completed
Larger sized environments would experience greater time savings
TPM global variable default concurrency level or scheduled task property Concurrency Level could be raised higher depending on TPM database performance and amount of database update activity by workflows 5 minutes per server with TPM concurrency level changed to executing 10
deployments at a time. For 30 servers is 15 minutes
Consistent deployment method with different people executing deployment
Faster development for subsequent automation packages with reusing ITM workflow code