Walkthrough: Installing individual components for Linux Application Server and SQL Server database

This walkthrough topic provides a list of the steps required to install TrueSight Server Automation components in a "mixed" Linux Application Server + Microsoft SQL Server environment.

Note

Walkthrough topics are targeted to experienced TrueSight Server Automation users, especially this one, and they do not include relevant planning and prerequisite information. If you are not an experienced user, see the topics in the Requirements-for-installing-individual-components-on-UNIX-and-Linux section to review the required planning information for installation.

This topic includes the following sections:

Step 1: Setting up a database and user for a Microsoft SQL Server database

.Failed to execute the [excerpt-include] macro.

Back to top

Step 2: Setting up a database schema for a Microsoft SQL Server database

  1. Copy install scripts from the db_scripts directory in the main product .zip to a location that you can access from the SQL Server console. For information on the db_scripts directory, see Downloading-the-installation-files.
     The relevant scripts appear in the /files/configurations/dbscripts/sqlserver directory inside the TSSA<version>-<platform>64 installer zip package.
  2. Open a command prompt window.
  3. Change (cd) to /db_scripts/sqlserver.

  4. Run the master script that corresponds to the character sets for which your database is configured, using the following syntax:
    <master_script.bat> <db_server> <db_name> <bl_user> <bl_pwd>
    For example:
    sqlserver_master.bat QLDS0002 BLADELOGIC BLADELOGIC bmcAdm1n
    Replace the variables with the following values:

    Variable

    Value

    <master_script.bat>

    sqlserver_master.bat if your database is configured for char/varchar character sets or sqlserver_nchar_master.bat if your database is configured for nchar/nvarchar character sets

    <db_server>

    Name of the database server.
    If the server uses a nonstandard port, the server name and port number must be enclosed in quotation marks, as shown in the following example: "QLDS0002,1381"
    To use a named server instance, append the named instance, including the complete path, as shown in this example:
    sqlserver_master.bat <db_server>\<instance_name> <db_name> <db_user> <db_password>

    <db_name>

    Name of the TrueSight Server Automation database that you created while setting up the database

    <bl_user>

    Logon name for the TrueSight Server Automation database user

    <bl_pwd>

    BMC  Server Automation database user password

Note

When the master script runs, the following warnings might appear:

Cannot add rows to sysdepends for the current stored procedure because it depends on the missing object 'rsave_cond_result_subtree'. The stored procedure will still be created. Cannot add rows to sysdepends for the current stored procedure because it depends on the missing object 'rsave_cr_group_result_subtree'. The stored procedure will still be created.

These warnings are expected and can be ignored.

Back to top

Step 3: Install the agent on the file server

Note

Follow these steps only if you are installing the agent on a different host than the Application Server. Otherwise, skip to Step 6: Run the post-install configuration utility.

Click here to see a list of requirements for the file server.

A file server should meet the following requirements:

  • An RSCD agent must be installed and should be the same version as the Application Server.
  • Do not limit access to the file server by pushing agent ACLs to the agent on the file server. All users must be mapped to the same user on the file server.
  • As a minimum, a file server must have 72 GB of available, nonredundant, disk space. BMC recommends that the file server be allotted 200 GB or more of available RAID 5 disk space.
  • Define a user name (for example, blfsro) on the file server with read only permission on the storage, and map all users to that user name. Without this mapping, a user may not be able to access a file that another user has stored on the file server. To accomplish the necessary mapping, create an entry like the following in the exports file on the file server:
    <appServer> ro,user=blfsro
    Where <appServer> is a comma-separated list of Application Server names or IP addresses (IPv4 or IPv6).
    The default location of the exports file is:
    • (Windows) C:\Windows\rsc
    • (Linux): /etc/rsc

  • Map the built-in System:System role/user to the user name (for example, blfsrw) defined on the file server with full permission on the storage. To accomplish the mapping, create an entry like the following in the users.local file on the file server:
    System:System rw,map=blfsrw
    Where blfsrw is the name to which the built-in System:System role/user is mapped, typically used when Application Server accesses the file server.
    If the required directory structure does not already exist on the file server, the system process attempts to create it.
    The default location of the users.local file is:

    • (Windows) C:\Windows\rsc
    • (Linux): /etc/rsc

    For examples on configuring the file server agent ACLs, see Configuring-the-file-server-agent-ACLs.

  • If your file server location is on partition or a mounted storage, you must ensure that the mount point for the storage or partition is consistent even if the file server host is restarted.
    For example, on Linux, you can ensure this by configuring the fstab file in the etc folder of your machine. The fstab file maps the Universally Unique Identifier (UUID) of a storage or partition to the directory it should be mounted on.

TrueSight Server Automation uses the file server to store the contents of files included in snapshots, Network Shell scripts, BLPackages, software packages, and other types of information that is not easily stored in the database. The file server must have a RSCD agent installed on it, as described in the following procedure.

  1. Navigate to the directory containing installation files and run the installation script for the RSCD agent. Script names follow the convention: RSCDversion-platform. For a list of all the different agent installation files for the various platforms, see Installation-programs-for-TrueSight-Server-Automation.
    You must execute the installation from a root shell. Do not execute the installation script from a non-root account.
    For example:
    ./RSCD89-SP3-LIN64.sh 
  2. The following message is displayed:
    Please choose the installation directory. [/opt/bmc/bladelogic]
  3. To install the RSCD agent in /opt/bmc/bladelogic, press Enter. Or enter another directory path.
     A message prompts you to choose a language for the installation program.
  4. Enter the number representing the language that you want to use for the installation.
     A welcome message is displayed.
  5. Press Enter.
     The following message is displayed:
     Do you agree to the terms of the license agreement (y for Yes) ?

  6. Press y.
    The following message is displayed:

    ============== Select Installation Components =============
    Server Utilities
    1 - RSCD Agent
    9 - Start the installation
    A - Select all components
    Select component
  7. Enter 1.
     A plus sign (+) appears next to the RSCD Agent to indicate you have chosen to install it.
  8. Enter 9.
     A message is displayed, asking you if you want to continue.
  9. Enter y.

  10. Follow the instructions in the installation script.
    Installation is complete. The agent starts automatically.

    • TrueSight Server Automation version 8.9.03 and later support Security-Enhanced Linux (SELinux). You do not need to enable the allow_execmod and allow_execstack commands during agent installation. If it is already enabled on the target the agent installer will not disable it. Note that support for SELinux is limited to the following configured state (as defined through /etc/sysconfig/selinux):
      SELINUX=enforcing
      SELINUXTYPE=targeted

      Multi-level security is not supported.

    • Restrictive umask setting is not supported. For example, umask setting 077 in /etc/profile and /etc/bashrc

    For additional information on restricting access to RSCD agents, see How TrueSight Server Automation grants access to RSCD agents.

Back to top

Step 4: Install the Application Server

Click here to see the prerequisites for installing the Application Servers.
  • Linux platforms on which you plan to install the Application Server or Network Shell must have the appropriate version of libtermcap.so.2 shared library installed. Install the shared library before installing these components. For more information, see Requirement for installing the Application Server, TrueSight Server Automation Console, or Network Shell on Linux.
  • The UNIX or Linux file system partition to which you plan to install the Application Server must not be mounted with the nosuid option.
  • Set the umask for the root user to 0022 on the Application Server host computer.
  • TrueSight Server Automation might have many open files at any given point in its operation. Therefore, unless your environment has specific needs for a more restrictive setting (depending on the specific operation of the Application Server), BMC recommends that you ensure that the following operating system parameters are set for the bladmin user. These settings should be permanently set for the user (for example, in the /etc/security/limits.conf  file for Linux):
    • Set core files to unlimited.
    • Set the number of open file descriptors to 8192

  • Optionally, set the INSTALL_FILES_TEMP environment variable to a valid, writable directory. If this variable is set, the installer files are stored in that location, thereby reducing the disk space requirements for /tmpduring the installation. Enter the following commands at the operating system command line:

    INSTALL_FILES_TEMP=<temporaryDirLocation>
    export INSTALL_FILES_TEMP

    For more information, see Methods for reducing installation space on Linux and UNIX.

In a UNIX environment, if the Application Server and the File Server are on the same box, use only the Application Server installer, not the separate RSCD agent installer for the file server.

  1. Navigate to the directory containing installation files and run the installation script for TrueSight Server Automation. (Script names follow the convention: TSSAversion-platform.) BMC recommends that you execute the installation from a root shell. Do not execute the installation script from a non-root account. For example:
    ../Disk1/files/installers/appserver_64/TSSA89-SP3-LIN64.sh
  2. Select the following individual components in the installation script. A plus sign (+) appears next to the component to indicate you have chosen to install it.
    1. Enter 1 to select the RSCD Agent.
    2. Enter 2 to select the Application Server.
    3. Enter 3 to select Network Shell.
    4. (optional) Enter P to select PXE Server if you are setting up provisioning.

    5. (optional) Enter T to select TFTP Server if you are setting up provisioning.

      ====     TrueSight Server Automation Suite 8.9.03     ===
      ================== Select Installation Components ==================
      Server Utilities
         1 - RSCD Agent
         2 - Application Server
          P - PXE Server
          T - TFTP Server
      Client Utilities
         3 - Network Shell
         9 - Start the installation
          A - Select all components
      Select component:

  3. Select 9 to start the installation.

  4. When you see the prompts to set up the root privileges for the RSCD Agent, select n.
    You will manually configure these privileges later, before you run the post-install configuration utilty (blappconf).

    Set up an initial host with root equivalency (y/n) ? n
    Set up a mapping for a particular client user (y/n) ? n
  5. Follow the remaining instructions in the installation script.

Note

  • To avoid permission issues with bladmin, do not install a local installation beneath the root home directory.
  • If you are setting up VMware ESX servers, you must define certain properties that allow the Application Server to communicate with a web service which accesses the ESX server's virtual infrastructure. For more information on configuring an ESX server, see Setting-up-a-VMware-vSphere-environment.


TrueSight Server Automation version 8.8 and later support Security-Enhanced Linux (SELinux). You do not need to enable the allow_execmod and allow_execstack commands during agent installation. If it is already enabled on the target the agent installer will not disable it. Note that support for SELinux is limited to the following configured state (as defined through /etc/sysconfig/selinux):

SELINUX=enforcing
SELINUXTYPE=targeted

Multi Level Security is not supported.


Back to top

Step 5: Run the post-install configuration utility

The Post-Install Configuration wizard consolidates the minimum configuration steps that must be performed to set up an Application Server. 

  1. Before you configure the Application server, add the property local account name for the file server to /etc/rsc/exports (Linux) or C:\windows\rsc\exports (Windows).
    Linux:
    * rw,user=root

    Windows:

    * rw,user=Administrator These permissions grant wide-open access to the file server. For more information, see File-server-requirements.

  2. To start the Post-Install Configuration wizard, do one of the following:
    • Perform an installation that includes installation of the Application Server. The installation program gives you the option of launching the wizard at the end of the installation procedure.
    • From the Windows Start menu, select Programs > BMC Software > BladeLogic Server Automation Suite > Utilities > Application Server Configuration Wizard.
    • Start the wizard manually by running one of the following commands in the directory where TrueSight Server Automation is installed. Enter the following:

      • (Windows)

        bin\blappconf.exe

      • (UNIX)

        ./br/blappconf

        Note

        If you invoke the wizard without passing the -i (install) flag, the wizard displays configuration settings that have already been entered for the Application Server and allows you to change those settings.

        The configuration wizard opens.

  3. Read the introductory page and click Next. The Database page appears.
  4. Choose a Database Type (either Oracle or SQL Server).
  5. If you are not using a custom connection string, provide the following database configuration information (and do not select the Advanced option):
    • Database Server — Host name or IP address (IPv4 or IPv6) of the server running the database.

    • Database Port— Port the database listens on. By default a TrueSight Server Automation installation uses the following database ports:

    • Database Name — Microsoft SQL server database name. By default, the database name is bladelogic . (This option is only available for SQL server databases.)
    • SID — System ID of the Oracle database. (This option is only available for Oracle databases.)
    • User ID — User name that the database needs to authenticate your connection.
    • Password — Password assigned to the user ID.
      or...
      If you are using a custom connection string, provide the following database configuration information:
    • User ID — User name that the database needs to authenticate your connection.
    • Password — Password assigned to the user ID.
    • Advanced — Select this option to indicate that you are providing a custom connection string.
    • Connection String — Type the custom connection string in the field below the Advanced check box.
  6. Click Next. The File Server page appears.
  7. Provide the following file server configuration information:
    • File Server Name — Host name or IP address (IPv4 or IPv6) of the server where data is stored. By default, the file server is created on the same machine as the Application Server.
    • File Server Storage Location — Directory on the file server where data is stored. By default, the directory of the file server is <appserverInstallDirectory>/storage.
  8. Click Next. The Notification Servers page appears.
  9. Provide information identifying an email server by entering the following under SMTP Options:
    • SMTP Server — Name or IP address (IPv4 or IPv6) of the host managing email. (SMTP stands for simple mail transfer protocol.)
    • E-mail From — email address from which TrueSight Server Automation-generated email is sent. TrueSight Server Automation jobs can generate email upon their completion.
  10. If you are using SNMP trap notifications, provide information identifying the SNMP server by entering the following under SNMP Options:
    • SNMP Server — Name or IP address (IPv4 or IPv6) of the host to which SNMP traps should be sent.
    • SNMP Port — The port on the SNMP server that listens for SNMP traps. By default, the port is set to the standard SNMP port of 162.
  11. Click Next. The User Passwords page appears.
  12. Under both RBACAdmin User and BLAdmin User, enter a password and then retype the password to confirm your entry. If a password is already set, you cannot enter a password.
    Passwords are used to authenticate the RBACAdmin and BLAdmin users through the SRP authentication protocol.
    The RBACAdmin user has full permission to manage roles and users in the RBAC Manager workspace in the TrueSight Server Automation Console, where you can assign permissions for all TrueSight Server Automation users. The BLAdmin user has Read access for all system objects within TrueSight Server Automation. For more information about the RBACAdmin and BLAdmin users, see RBACAdmin-and-BLAdmin-users.
  13. (optional) In the Advanced Configuration panel, set Enable Provisioning for bare metal provisioning. You must also set up the provisioning system, create components used by the provisioning process, prepare devices, and create and execute Provision Jobs that perform the unattended installation of the operating system. For more information, see Implementation-process-for-provisioning.
  14. Click Finish.
Recommendation

BMC recommends that you synchronize the clock on the Application Server and all client machines. Clocks should be synchronized to the minute. For example, if an Application Server is in Boston, where the time is 7:04 Eastern Time, set the clock on client machines in San Francisco to 4:04 Pacific Time.

Back to top

Step 6: Install the console on your client system

Click here to see a list of prerequisites for installing the console.
  • To install the TrueSight Server Automation Console, you can use the installation wizard in the user interface or silent mode. You cannot use console mode. To use the installation wizard, follow the steps below. To use silent mode, see Using-silent-mode-to-install-the-TrueSight-Server-Automation-Console-Linux-and-UNIX.
  • You must have an X Window server installed and configured.
  • You must have write access to the /tmp directory, as well as sufficient disk space. To review the hardware requirements for the console, see Minimum-hardware-requirements.
  • Make sure that port 12333 (TCP) is not being used. Installation of the console requires use of this port; if it is already in use, the installation fails.
  • Linux platforms on which you plan to install the TrueSight Server Automation Console (RCP client) or Network Shell must have the libtermcap.so.2 shared library installed. Install the shared library before installing these components. For more information, see Requirement for installing the Application Server, TrueSight Server Automation Console, or Network Shell on Linux.
  • If the version of the RSCD Agent does not match the version of the console, uninstall the old RSCD Agent and install a new version that matches the console. Stop the RSCD Agent before you try to install the console.
  • You must close all the NSH shell windows while installing TrueSight Server Automation Console.
  1. Navigate to the directory containing installation files and run the installation script for the TrueSight Server Automation Console. (Script names follow the convention: TSSACONSOLE<version>-<platformbit>, for example, TSSACONSOLE89-SP3-LIN64.bin) You must execute the installation from a root shell. Do not execute the installation script from a non-root account.
  2. The TrueSight Server Automation Installation window opens.
  3. Select a language, and then click OK.
    A series of messages indicate progress. This process might take several minutes. Then the Welcome window opens.
    TSAConsoleUnix2.png
  4. Click Next.
    The Review License Agreement page opens.
    TSAConsoleUnix3.png
  5. To accept the license agreement, select I agree to the terms of the license agreement, and then click Next.
    The User Inputs window opens.
    TSAConsoleUnix4.png
  6. (optional) Remove the check marks from any components that you do not want to install, and then click Next.
    A series of messages indicate progress.
    TSAConsoleUnix5.png
  7. (optional) Select Check to install the default .nsh resource files into /etc/skel.
    TSAConsoleUnix6.png
  8. Click Next.
    The Installing window previews the features to be installed.
    TSAConsoleUnix7.png
  9. To install, click Install. To change your selections, click Previous.
    A series of messages indicate progress. This process might take several minutes. Then the Installation Summary window opens, indicating successful installation.
    TSAConsoleUnix8.png
  10. (optional) Click View Log.
  11. Click Done.
    The window closes. Installation is complete.
  12. Start the RSCD Agent and then start the console (for example, /opt/bmc/BladeLogic/CM/rcp/launcher). To configure the console so that it connects to the default Application Server, click Options.
    TSAConsoleUnix9.png
  13. Click the Authentication Profiles tab and click Add. TrueSight Server Automation clients use authentication profiles to facilitate single sign-on feature. You must create an Authentication profile before you start using the Console. For more information about why we use Authentication Profiles, see System-capabilities-related-to-security.
    TSAConsoleUnix10.png
  14. Enter the following information.
    TSAConsoleUnix11.png
    1. Assign a name to the authentication profile. For example, you could assign a name such as QATeam, DevTeam, or defaultProfile.
    2. Enter the name or IP address (IPv4 or IPv6) of the default Application Server to which the client should connect.
    3. Enter an Authentication Port number to which the client should connect. The same port is used for all TrueSight Server Automation authentication mechanisms. The default Port is 9840. For more information about Console ports, see TrueSight-Server-Automation-ports.

    4. Select any one authentication mechanism for the authentication profile:

      • Secure Remote Password.
      • AD/Kerberos Single Sign-on.
      • Domain Authentication.
      • LDAP.
      • RSA SecurID Authentication.
      • Public Key Infrastructure Authentication.

      In this walkthrough we will use the Secure Remote Password mechanism. For information about implementing the other authentication mechanisms, see Implementing-authentication

    5. Click OK.
  15. Click Connect to log on the Application Server using the BLAdmin user that is created while installing the default Application Server node.
    TSAConsoleUnix12.png
  16. If you see a security alert that the certificate is not initially trusted, optionally, you can view the certificate. Or you can simply click Yes to proceed. 
    TSAConsoleUnix13.png
  17. The quick start page is the first page that is displayed once you log on the the Console. It introduces you to the main use cases of TrueSight Server Automation and allows you to execute them from a centralized UI immediately after installing the TrueSight Server Automation set up. For information about using the quick start page, see Quick-start-page. For general information about the UI of the TrueSight Server Automation Console, see Navigating-the-interface.
    TSAConsoleUnix14.png

Back to top

Step 7: Connect to the Application Server

From the directory where TrueSight Server Automation is installed (for example, /opt/bmc/BladeLogic/CM), enter ./rcp/launcher.sh.

A logon dialog box appears. To log on, you must choose an authentication profile. For more information about creating authentication profiles, see Setting-up-an-authentication-profile. Perform the following steps to start the console and connect to the Application Server.

  1. Using the Authentication profile tab, select an authentication profile.
  2. If you:
    • Possess a valid cached session credential, skip this step and go to the next step.
    • Are using Active Directory/Kerberos (ADK) or public key infrastructure (PKI) authentication, skip this step and go to the next step.
    • Are using SRP, LDAP, or SecurID authentication, enter your user name and password. For SecurID, your password consists of a PIN followed by the current token code displayed on your RSA SecurID token.
    • Are using Domain Authentication, enter your user name and domain. The domain name must always be capitalized. If you are defined as a member of the default realm, you do not have to enter a domain name. For information about how to set up the default realm for Domain Authentication, see Configuring-Domain-Authentication.

  3. To change the setting for caching session credentials or the display language, click Options. The logon window expands to show additional options in a tabbed format. By default the Generaltab is open.

    Save credential for this session

    Saves a session credential between sessions.

    By default, this option is not checked. The setting for this option remains in effect for future logons until you change the setting. If a session credential is already cached, this option is dimmed.

    Language

    Displays your choice of language (either your previous choice or your acceptance of the installation default). Select a new display language for the console or keep the current user preference. The selection remains in effect as your default language for future logons until you make a new choice.

  4. Click Connect.
    If the Application Server presents the TrueSight Server Automation Console with an X.509 certificate that is not trusted, a security alert appears. Most Application Servers use self-signed certificates, so typically you encounter this dialog box the first time you access a particular Application Server.
  5. If a security alert does not display, skip this step and go to the next step. If a security alert describes an untrusted certificate, do one of the following:
    • To return to the logon dialog box, click No. You can cancel the logon session or use a different authentication profile to log on.
    • To accept the unknown certificate and proceed with the logon, click Yes.
    • To examine details about the certificate, click View Certificate. For more information about this procedure, see Viewing-an-untrusted-certificate. After examining the certificate, click Yes or No, as described above.
  6. If multiple roles are associated with your user name, the Assume Role dialog box appears. From this dialog box, for Select Role, choose the role you want to use. 
    If you prefer, you can switch roles later at any time during a session. (See Switching-roles.)

  7. Click OK. The TrueSight Server Automation Console appears.

    Note

    When the console starts, by default it loads certain types of information by running a background operation. The Show background operations icon g_v95_showBackgroundOperationsIcon.gifin the lower right corner of the console indicates a background process is running. For information about background processes, see Running-background-operations.

Back to top

Where to go from here

  1. Perform the following tasks that are specified in Importing-out-of-box-content-and-enabling-the-dashboards-and-quick-start-page:
    1. Import agent installers, agent bundles, and Agent Installer Jobs.
    2. Activate the Health and Value dashboards.
  2. Configure  TrueSight Server Automation . For more information, see Configuring-after-installation.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*