ibm tivoli provisioning manager 7.1.1 technical overview

IBM Software Group

© 2009 IBM Corporation

IBM Tivoli Provisioning Manager 7.1.1

Technical Overview

IBM Software Group | Tivoli software

© 2009 IBM CorporationTivoli Provisioning Manager 7.1.1

TPM 7.1 Extends Tivoli's process automation engine for Task Automation

Out of the Box Reports

Reporting Engine

Web Based

Common User

Interface

Role base data access

Configurable by roles

User Configurable

Report Definition

Data Vizualization

Workflow

Common Configuration

Services

User Interfaces

Data Extensions

Process Workflow Runtime & Services

IT Infrastructure(Server, Storage, Network, Security, Software, Applications, Transactions, Services)

Operational MgmtProducts

Patch Deployment

Collaboration Notification Escalation Security

Reconciliation Federation Discovery

Discovery and Application Dependency Mapping (TADDM)

CIs

•Attributes

•Relationships

Common Data Subsystem

Assets

•Attributes

•Relationships

Process Artifacts

•Related to CIs and Assets

Meta Data

•Configurations

•Process

SoftwareDeployment

OS Deployment

TPM Discovery

Virtualization

TPM

TPMEngines for

Scalable Distribution &

Task Mgt.

CCMDB SRM …

Discovery

TPM Data

•Data model objects

•Other TPM data



TPM 7.1 Component Architecture

DE SDI

Tivoli Common Agent (TCA)

AM DMSDCD



New UI Capabilities, including Start Centers

Compliance Automationincluding Closed-loop Desired State Management with TADDM

Patch Management Automation

Software Provisioning Automation

Bare metal image deployment with TPM for OS Deployment

TPM task invocation from ISM processes

Virtualization Enhancements (VMware, Solaris, WPARs)

Reports (BIRT based)

New Web Replay

Key TPM 7.1 Features and Customer Value



TPM Release 7.1.1 Additions

Migration from TPM 5.1.1.2 to TPM 7.1.1 Upgrade from TPM 7.1 to 7.1.1 IPv6 Support FIPS compliance Retrofit 5.1.1.2 feature addition (Inventory extension, Pause/Resume) Red Hat 5 Patch Management on SDI (scalable solution) Virtualization & server management enhancements

VM status, VMware Templates, Better AIX LPAR support (HMC Discovery, validation, etc.)

Other enhancements (for example, Host/IP change, Sun Patches) Additional Platforms



TPM 5.1.1.2 to 7.1.1. Migration: Gradual, phased migration process that leverages the existing infrastructure, minimizes disruption, and accommodates failures

Datacenter & DistributedServers

Common UI for Process Automation (Server + Desktop)

TPM 7.1.1

Tpae

5.1.1.x Depots,& Fed. DMSs

5.1.1 agents

2



TPM 7.1.1

Tpae


5.1.1 agents

2



TPM 7.1.1

Tpae

5.1.1 Depots,& Fed. DMSs

5.1.1 agents

3


upgrade



TPM 7.1.1

Tpae


5.1.1 agents

3


upgrade



TPM 7.1.1

Tpae


5.1.1 agents

4


upgrade

7.1.1 agents



TPM 7.1.1

Tpae


7.1.1 agents

5



TPM 7.1.1

TPM User Interface

Tpae

TPM 5.1.1.x



5.1.1 agents5.1.1 agents

1

AM AM

Big Switch



IPv6

A dual stack (IPv4 and IPv6) TPM server A single stack (IPv4 or IPv6) or dual stack (IPv4 and IPv6) managed endpoint running the Tivoli Common Agent. Full compatibility through the Scalable Distribution Infrastructure (SDI) due to the SDI communications over IPv4 or IPv6 For the TCA to use IPv6, DNS must be available and the agent must be configured to use DNS. Only some key Deployment Engine (DE) based workflows (Network discovery, Inventory, Windows Patch & Agent install) Some limitations on Windows platforms due to reliance on CYGWIN components like SSH, Telnet, Ping

IPv6IPv4

TCP/UDP

PI Server

IPV4

x.y.z.w x.y.z.w

x.y.z.wa:b:c:d:e:f:g:h

a:b:c:d:e:f:g:ha:b:c:d:e:f:g:h

IPV6

x.y.z.w a:b:c:d:e:f:g:h

IPv6IPv4

TCP/UDPTCP/UDP

IPv4

TCP/UDP

IPv4

TCP/UDP

IPv4

TCP/UDP

IPv6

TCP/UDP

IPv6

TCP/UDP

IPv6IPv6IPv4

TCP/UDP

IPv6IPv4

TCP/UDP

IPv6IPv4

TCP/UDP

TPMServer

IPV4

x.y.z.w x.y.z.w



IPV6


TCA TCA TCA

IPv6IPv4

TCP/UDP

PI Server

IPV4

x.y.z.w x.y.z.w



IPV6


IPv6IPv4

TCP/UDPTCP/UDP

IPv4

TCP/UDP

IPv4

TCP/UDP

IPv4

TCP/UDP

IPv4

TCP/UDP

IPv6

TCP/UDP

IPv6

TCP/UDP

IPv6

TCP/UDP

IPv6IPv6IPv4

TCP/UDP

IPv6IPv4

TCP/UDP

IPv6IPv4

TCP/UDP

IPv6IPv4

TCP/UDP

TPMServer

IPV4

x.y.z.w x.y.z.w



IPV6


TCATCA TCATCA TCATCA



FIPS Compliance

Requires using approved Stronger Encryption schemes everywhereEncrypting passwords

SSL

SSH

Certificates Implications to TPM

Agents and server have to change at the same time

We are requiring a fresh install with a switch to flip Implementation

Use the approved libraries

At times it is simply configuring the right libraries. At times it is more.

Not all components used by TPM have FIPS compliant versions (for example, RXA over NETBIOS and Open SSH)



Inventory Extension



TPM 7.1.1

DCM import + Filters


7.1.1 agents

DCM Custom tables

Custom scan scripts

XML or MIF output

Disc. Scan jobs


© 2009 IBM Corporation11 Tivoli Provisioning Manager 7.1.1

Customer Value with TPM 7.1New, Highly Customizable TPM GUI technology

Easy modification of existing applications.

Ability to create your own applications.

Easily customizable to display only required data and tasks for a specific role/user

Consistent look and feel across ISM products provides seamless interactions and minimizes user education requirements

Can incorporate functions from multiple ISM products on single screen

Inclusion of TPM tasks in Change, Release, and SRM process flow definitions

Ability to easily take TPM actions on CCMDB CIs Use CMDB CI’s as database for process flow construction and information is automatically translated to TPM DCM for

operational purposes.

Ability to use Tpae workflow editor to design and formalize TPM activitiesCan define Tpae workflows to formalize and automate multi-person TPM activity flows

TPM activity flows can include non-TPM related tasks, i.e. sign-offs, escalations, etc.

Extensive Web Replay scenario library provides guidelines/education on product usageQuick method for product education and skills transfer


© 2009 IBM Corporation12 Tivoli Provisioning Manager 7.1.1

Customer Value with TPM 7.1 (cont.)Orchestration automation capabilities built in TPM 7.1

Advanced automation technology can be used to support infrastructure SLA’s through dynamic resource allocation based on monitoring inputs (TIO built in)

Enhanced integration with TADDM, TPC, RTLM TADDM – Closed loop desired state management for software configurations

TPC – Launch in context from TPM to TPC

RTLM – Test lab server provisioning with transitions to production

Integration with TPMfOSD 7.1 Seamless transition from using TPM to using TPMfOSD; no product switching to utilize bare-metal/initial image install

functions

Automated database exchange between products

Enhanced SDI management capabilitiesBetter status information and enhanced control of deployment infrastructure

Additional virtualization technology supportIncreased scope of environment under management of a single tool

Additional OS supportIncreased scope of environment under management of a single tool



Closed-loop Desired State Mgmt Automation

Discover EndpointsDiscover

Endpoints

Set up Compliance

Templates for Desired State

Set up Compliance

Templates for Desired State

Approve Recommendation

Approve Recommendation

Run Remediation Workflow to update the

configuration settings

Run Remediation Workflow to update the

configuration settings

Run Compliance Check

Run Compliance Check

Populate and Synchronize

Software Installation

Populate and Synchronize

Software Installation

Gold Standard

TADDM



ISM Adjacency: Processes Integration with TPM

Task

.

.

.

Task

TaskRelease/Change Workorder/JobPlan

MXWorkflowmainObject: Task

Spec.Application:Patch Install

TPMActivity Plan and related objects

Track Task

Task

Automation

Facade

Task: classified:

Install Patch

CreateTPMtaskLaunch

Assisted Workflow



Features Full Integration with TPM for OS Deployment product – from TPM

you:

Set up your deployment images:

Discover existing deployment servers, or install new ones

Capture cloned images from TPM managed computers

Create unattended OS setup images from CD media

View and edit image properties

Create hardware configuration images, e.g. RAID, BIOS

Discover bare-metal computers

Deploy images to your managed computers

Bare metal image deployment - TPMfOSD integration



TPMfOSD UI integration

TPM UI

TPMfOSD Panels



Support for target computers

Primary platforms Windows Server 2003 - x86-32 / x86-64 Windows Server 2008 - x86-32 / x86-64 Windows XP SP2 - x86-32 / x86-64 Windows Vista - x86-32 / x86-64 RHEL 5 - x86-32 / x86-64 RHEL 5 – pSeries RHEL 5 - cell blades SLES 10 - x86-32 / x86-64 SLES 10 – pSeries SLES 10 – zSeries AIX 5L 5.3 - pSeries AIX 6.1.1 - pSeries VMWare ESX 3.0 - x86-64 VMWare ESX 3.5 - x86-64

Secondary platforms RHEL 4 - x86-32 / x86-64 Red Hat Desktop 4 - x86-32 / x86-64 Red Hat Desktop 5 - x86-32 / x86-64 SUSE (SLES) 9 - x86-32 / x86-64 Solaris 9 – SPARC Solaris 10 – SPARC Windows 2000 SP4 - x86-32

TPMfOSD integration



Device Models and Automation Concepts

A Device Driver, also referred to as a Device Model, is a group of workflows that can be a applied to an IT asset.

Common actions, such as adding an IP address to a computer, are represented in a generic form by a logical device operation

Workflow: A simple program with a number of constructs that is used to manage an environment.

Automation Package: A collection of commands, shell scripts, workflows, logical device operations, and Java™ plug-ins that applies to the operation of a specific type of software component or a physical device



DODOMBO MBO

Data Layer: Enhanced UI & Preserving DCM + Workflows

MBO DOlinked

DODOMBO MBO

Tivoli's process automation engine Runtime DAO layer

WAS 6.1

Tivoli's process automation engine Database Containing DCM

LWI

DODOMBO MBO

MBO DOlinked

DODOMBOMBO

DODO

MBO MBO

Deployment EngineTPM workflows

Tivoli's process automation engine Runtime DAO layer

ibm tivoli provisioning manager 7.1.1 technical overview

Documents