Adding additional Application Servers
To meet the demands of a larger data center, you can deploy additional Application Servers. The additional Application Server is used for improving the performance of TrueSight Server Automation. The method described here for adding additional Application Servers is relevant only if you installed your default Application Server node using the unified product installer. When you install additional Application Servers, this process installs an Application Server and RSCD agent on the target server.
This topic includes the following sections:
Before you begin
(Windows only) To add an additional application server on a Windows system, you must first set up a PsExec server on a Windows server. A PsExec server functions as a proxy to execute psexec requests on a Windows Application Server without an agent.
To set up the PsExec Server:Do the following:
- Using a Windows host, install the latest version of an RSCD agent.
- Using the TrueSight Server Automation Console, add the server to the Servers folder.
- Ensure that the agent is running and that you can browse the contents of the server.
- Download PsExec. You can download PsExec from http://technet.microsoft.com/en-us/sysinternals/bb897553.
- Install PsExec according to the instructions from Microsoft. PsExec must be installed in %SystemRoot% (typically C:\Windows) directory.
- If you are installing agents on Windows servers using a domain account, the account must be granted the Windows "Logon as a batch job" privilege on the PsExec server.
When an Agent Installer Job runs, the Application Server must access the PsExec server. To accomplish this, the Application Server uses the account information defined in an automation principal that the remote host authentication specifies. If the account information is a domain account, the account must be granted the Windows "Logon as a batch job" privilege on the PsExec server.
To access the "Logon as a batch job" setting, use the Control Panel on the PsExec server and go to Administrative Tools > Local Security Policy > Local Policies > User Rights Assignment.
For more information about defining automation principals, see Creating automation principals.
- To confirm that the PsExec server is functioning correctly, update the status of a remote host authentication that is based on the PsExec protocol. See Specifying or modifying information for remote host authentication.
- NEW IN 8.9.03(Windows only) Ensure that you must have Server Message Block (SMB) v2 enabled on a Windows server.
(Linux) Ensure that the umask setting is 755 on the host where you want to install the additional Application Server.
Restrictive umask setting is not supported. For example, umask setting 077 in /etc/profile and /etc/bashrc
Adding an additional Application Server
The following procedure does not copy custom grammar files (install_dir/NSH/scripts) or the scriptutil scripts (install_dir/NSH/share/sensors) from the existing application servers to the new node. These directories should be manually synchronized after the add node operation completes.
Use the following steps to add an additional Application Server to your environment.
- On the file server, locate or create the directory structure under the root for installer_bundle/<os>/files, where <os> is either linux or windows, for example, C:\Program Files\BMC Software\BladeLogic\storage\installer_bundle\windows\files.
- Copy the contents of <upi_dir>/Disk1/files/installers into the <fileServer>/installer_bundle/<os>/files directory.
- Start the TrueSight Server Automation Console.
- Click Add TSA Application Server Machine under the Configuration menu in the Console. When you add the Application Servers, the Compliance Content is not synchronized. This is by design as the objective is to create another Application Server with basic configuration. You must perform additional customizations. For information about additional folders to synchronize, see Configuring multiple Application Servers on different hosts.
- Select the Node Details and Advance Options tabs and enter the following node details and advanced options:
- Click Add Node.
- Review the validation details.
- Host Name — Host name or IPv4 address of the Application Server. Note that if your Application Server is on an IPv6 address system you can only enter the host name of the server.
- Execution Protocol — Specifies the mechanism for accessing the agentless Application Server machine that you are setting up. Select one of the following:
- (Linux only) SSH Execution Protocol — Executes commands directly on the agentless host using the credentials defined on this panel.
- (Linux only) SSH + SUDO Execution Protocol — Executes commands directly on the agentless host using the credentials defined on this panel. The
sudo command is attached as a prefix to all commands. If
sudo requests a password, the passphrase entered on this panel is used.
- (Linux only) SSH + SU Execution Protocol — Executes commands directly on the agentless host using the credentials defined on this panel. The credentials defined on this panel are used to issue the
su command to gain elevated privileges.
- (Windows only) PSEXEC_Execution Protocol — Executes psexec requests on an agentless Windows host. This protocol is required when installing agents on Windows servers. Authentication on agentless hosts uses credentials defined in an automation principal that you specify on this panel.
Administrator ID — User name of an account with Administrator or Superuser privileges on the additional Application Server machine.
If you are using a domain user, enter the ID in the <DominName>\<UserID> format. For example, bmc.com\TestID.
- Passphrase — Password of the account with Administrator or Superuser privileges on the additional Application Server machine.
- Confirm — Confirm password of the account with Administrator or Superuser privileges on the additional Application Server machine.
- Node OS Type — Operating system running on the additional Application Server machine. For example WINDOWS_64 or LINUX_64.
- PsExec Server — (Windows only) Host name or IPv4 address of the PsExec server is installed. Note that if your PsExec server is on an IPv6 address system you can only enter the host name of the server.
- Install Path — Path on which you want to install the additional Application Server. For example, /opt/bmc/bladelogic on Linux or C:\Program Files\BMC Software\BladeLogic\ on Windows.
- Base port — Application Server ports are normally configured from a base port, with 9800 being the default base port. Arbitrary port assignments can be made in all cases. For more information, see Application Server ports.
- Temporary staging directory - (Linux only) During installation, the system stores temporary files in the /tmp directory. You can specify an alternate location to store the temporary files, if you do not have enough space or you do not have access to the /tmp directory.
Progress messages and (in the case of problems) error messages are displayed on-screen and also written to the Application Server log file, appserver.log, which is located in installationDirectory/NSH/br (on UNIX or Linux) or installationDirectory\NSH\br (on Windows).
The status of the installation process is displayed.
Where to go from here
Harden the security configurations on each of the new application server nodes. Copy the following files from theto each of the newly added secondary nodes: