Middleware Deployment using IBM Tivoli Endpoint Manager



Tivoli Endpoint Manager (TEM) can manage physical and virtual targets like servers, desktops, laptops, and specialized equipment such as point-of-sale devices, ATMs and self-service kiosks. One thing that TEM has mastered is patch deployment - a daily need for any organization with more than 2000 computers.

TEM can perform software deployment on 'N' machines with just a few clicks.However TEM lacks the capability to deploy large softwares like DB2 , Websphere Application Server , Oracle , Microsoft SQL Server and many such middle-ware softwares. Why din't TEM provide any fixlets for Middle-ware Management ??? Well deploying Middle-ware is not a every task like deploying latest patches ... Middle-ware softwares are used for datacenters and backend infrastructure.
Lets have a look at what a fixlet is ... Key components of the TEM platform include the TEM Agent, TEM Server and Console, TEM Fixlet messages, and TEM Relays.

TEM Server is the master and TEM agents are the slaves. Server sends commands and slaves listen and implement them if required. TEM Relay lies between the two trying to reduce the load of the Server. Note TEM Relay is a special TEM Agent acting as a bridge between the master and slaves ( Non-technically Relay is a Good slave ).

What are TEM Fixlets then ???? They are a form of questions and answers (commands) sent by TEM Server to all the TEM Clients including our special slave - TEM Relay. Below diagram gives an idea about TEM architecture ...


What is a relevance ??? In simple terms its like a Multiple Choice Question (MCQ) that the TEM server asks the TEM client. If the client answers an option from the valid answers , the relevance is said to be true else false. So Any question asked to the TEM client as a part of "Fixlet Relevance" should be answered in the form of true or false only. So a fixlet consists of multiple relevances and multiple actions (remediation).

For example if you had to decide which computer to deploy WAS on , you'll have the below check list :

  • Which flavor of computers to deploy on ? 
  • What kind of platform architectures WAS supports ? Does it match the architecture of the target computer ?
  • Locale of WAS to install ?
  • Is WAS already installed ? If yes then what version ?
  • Does the computer match the minimum system requirements for installing WAS ?

Lets try to get these questions in the form of relevance language , which the TEM client can understand ...

Which flavor of computers to deploy on ?
Relevance :
name of operating system as lowercase starts with "win"

What kind of platform architectures WAS supports ? Does it match the architecture of the target computer ?
Relevance :
architecture of operating system = "x86_64"

Locale of WAS to install ?
Relevance :
system language as string contains "English"

Is WAS already installed ? If yes then what version ?
Note : This is technique to find out if WAS is already installed or not. There are default methods to find out if a software is installed on a machine. Methods include checking for existence of a application specific file , folder , service , registry entry etc...
 Relevance :
not exists service whose ( service name of it as lowercase contains "ibm websphere application server" )

Does the computer match the minimum system requirements for installing WAS?
Note : In this case we can check for RAM only, however it can be a more specific check.
Relevance :  
size of ram >= 4 * 1024 * 1024 * 1024 

Wondering why am I writing the Relevance in English ? That's the beauty of Tivoli Endpoint Manager , we can write code in simple English language and the TEM client is smart enough to understand it. For best results use robust relevance language in your fixlets.

If a computer (TEM client) answers true to all above questions , then it is said to be relevant. Basically a candidate computer to deploy Websphere Application Server in this case. Once the candidates (TEM clients) have been identified , next step is to get the work done from the slave (TEM client). What is the work ? Install WAS 7.


Considerations for deploying WAS 7 :
  • Need the Websphere Application Server installable and a mechanism to download it locally on the TEM client.
  • Need to reduce the network bandwidth by compressing the binaries.
  • Binaries are compressed , so I need to validate the integrity of the compressed binary file (make sure its not corrupt)
  • Binaries are compressed , need to decompress them on the client.
  • Need to specify how to install the software with custom options the software provides.
  • Want to install the software silently even if no one is using the computer ... that's obvious else why do we need the Tivoli Endpoint Manager software.
  • Need to validate if the software was successfully installed.
  • And lastly, cleanup all the unwanted mess like decompressed binaries , temporary files etc.
Lets try to write an action code (trust me it will be real code but doesn't look like code) :

Need the Websphere Application Server installable and a mechanism to download it locally on the TEM client.
Action : 
download "http://MyTEM-Server:52311/Uploads/Websphere-Application-Server-7.tmp"
Note : this file will be downloaded on the TEM client in a directory named "__Download" for which the path is known to the client

Need to reduce the network bandwidth by compressing the binaries.
This is already done using .tmp file as shown in above download action. There is TEM tool named BFArchive to compress folder and files.

Binaries are compressed , so I need to validate the integrity of the compressed binary file (make sure its not corrupt)
Action : 
continue if { size of "__download\Websphere-Application-Server-7.tmp" = 1549442912 and sha1 of "__download\Websphere-Application-Server-7.tmp" = "3816ca524fd1c5307ff97d322c430a7de5b8ae69" }

Binaries are compressed , need to decompress them on the client.
Action :
extract "__Download\Websphere-Application-Server-7.tmp" "{name of drive of windows folder}\windows\temp\was7"

Note : We are trying to inspect the client by asking "name of drive of windows folder" enclosed in curly brackets. Client will answer "C:", this is pure encapsulation trying to hide the real inspector code and enabling the user to write robust code.

Need to specify how to install the software with custom options the software provides.
This can be done using a response file which the WAS installer can understand. Client need not worry about this file.
Action : 
download "http://MyTEM-Server:52311/Uploads/Websphere-Application-Server-7-ESE.rsp"

Want to install the software silently even if no one is using the computer ... thats obvious else why do we need the Tivoli Endpoint Manager software.
Action :
waithidden "{ name of drive of windows folder }\windows\temp\was7\install.exe -options="{ __Download\WAS-7-ESE.rsp }" -silent "

Here the waithidden command will run the exe and suppress any UI shown by the WAS-7 install.exe. It will also wait till the software is installed and an exit code is returned.

Need to validate if the software was successfully installed.
Here we can check for exit code received by running the above install.exe.
0 = success , anything else is partial success or failure.
Action :
continue if { exit code of action = 0 }

And lastly, cleanup all the unwanted mess like decompressed binaries , temporary files etc.
Action : 
folder delete "{ name of drive of windows folder }\windows\temp\was7"

Done !!! Done !!! Done !!! Successfully deployed Websphere Application Server 7 on a windows machine using Tivoli Endpoint Manager. We can have a better and optimized approach towards deploying middleware.
+