This page  describes how to configure your IBM Endpoint Manager environment for the deployment of a Linux operating system by using IBM Endpoint Manager for OS Deployment, IBM Endpoint Manager for Server Automation, and Tivoli Provisioning Manager for OS Deployment.

System Requirements

From an architectural perspective, you need the following components:

  1. A Tivoli  Provisioning Manager for OS Deployment Server on a dedicated machine
  2. An IBM Endpoint Manager Server that must be subscribed to both “OS Deployment and Bare Metal Imaging” and “Server Automation” sites
  3. An IBM Endpoint Manager relay, connected to the IEM server, with a Bare Metal OS Deployment server installed locally.
  4. At least one bare metal target
  5. A DHCP server providing IP addresses and (optionally) other network parameters to boot machines. It is important that DNS be included in the set to resolve the IEM server hostname.

The following graphic describes the main components and their roles:

 

Preparing the deployment objects

 

To prepare a Linux image for deployment in a System Automation plan, you must perform the following steps in order:

  1. Create the Linux profile
  2. Create the software modules
  3. Create or edit the deployment scheme (optional)
  4. Export the objects created or edited in the previous steps in a .rad format

Important: You must run the preparation steps on a dedicated Tivoli Provisioning Manager for OS Deployment server. This machine must NOT have IBM Endpoint Manager client running, or else  it will be listed among the available Bare Metal Servers in the "Bare Metal Server Manager" dashboard in your Endpoint Manager  environment.

 

  1. Import the .rad file to the IBM Endpoint Manager Server
  2. Deploy the Linux Profile

Step 1:  Create the Linux Profile

You can create the Linux profile by generating it from a DVD image or from a reference machine. In the first case, it is referred to as unattended setup. In the second case, it is a cloned profile.

Creating a Linux unattended setup profile

To create a RedHat Enetrprise Linux Server 6.5 unattended profile, proceed as follows:

 

  1. Login to the Tivoli Provisioning Manager for OS Deployment web user interface and browse to Server -> OS Deployment -> System profiles
  2. Click new profile. The Profile Wizard opens. Choose unattended setup option

 

 

     3. Choose Linux as platform of the new unattended profile

 

 

  4.  Select the machine where the DVD or the ISO image has been mounted. This machine MUST have a rbagent component registered to  the Tivoli Provisioning Manager for OS Deployment server

 

 

    5. Browse to the drive where the  DVD image or the .iso image is mounted

 

   6. Wait for rbagent component to detect the operating system image in the path provided in the  previous step. When the detection phase is complete, the results are displayed in  the wizard:

 

   7. If needed, refine the partition layout:

 

 

  8. By default, Tivoli Provisioning Manager for OS Deployment  automatically selects  the base content of the Linux DVD image

 

 9. You can  also add other software package groups from the DVD image to the system profile you are creating. Default options do not install any graphical environments.

 

 

10. Set the root password, language and time zone of the system profile

 

 

 11. If you want to use your own custom ks.cfg file, you can add it:

 

 

12. Set the profile name, as it will be displayed on the Tivoli Provisioning Manager for OS Deployment web user interface

 

 

13. Wait for the profile creation to complete

 

 

14.  Check that the created profile is displayed in the list of system profiles

 

 

Linux Profile details view

If the profile is selected in the Tivoli Provisioning Manager for OS Deployment web user interface, the following page opens. You can modify the partition layout and other settings by selecting the OS configuration at the bottom of the page

 

WARNING: Tivoli Provisioning Manager for OS Deployment allows the binding of  multiple OS configurations to the same system profile. However, to export the system profile and then import it to IBM Endpoint Manager, your system profile MUST have only one OS configuration  linked to it.

 

Step 2: Create the Linux software modules

You must add the IBM Endpoint Manager client as software module to the .rad archive that is imported to the IBM Endpoint Manager server. The instructions for manually installing  IBM Endpoint Manager client for Red Hat Linux platform, are available here: Red Hat IEM Client installation.

To successfully register the IBM Endpoint Manager client to IBM Endpoint Manager Server, the IBM Endpoint Manager client must have the certificate file actionsite.afxm, related to the IBM Endpoint Manager it wants to register to. It is recommended to create a dedicated software module for each certificate file.

The official Tivoli Provisioning Manager for OS Deployment documentation provides the guidelines needed  to create a software module for Linux systems at this page: Linux software module creation

 

Create a Linux software module that includes IBM Endpoint Manager client

The IBM Endpoint Manager client for Linux is provided as rpm package, hence you must create a software module of type RPM. The official Tivoli Provisioning Manager for OS Deployment documentation provides guidelines  to create a software module of type rpm for Linux systems at this page: Linux rpm software module creation.

The rpm provided by IBM changes according to Linux distribution, so  if you plan to provision SUSE Linux OS to a Server, the creation of a software module containing IBM Endpoint Manager Client rpm file for SUSE is needed.

  1. Login to the Tivoli Provisioning Manager for OS Deployment web user interface and browse to Server -> OS Deployment -> Software modules
  2. Click on new Software button (bottom left of the page). The Software wizard opens; select Linux as platform

    3. Select to create a software module of type RPM

 

    4. Select the machine where the RPM file was copied. This machine MUST have an  rbagent component registered to the Tivoli Provisioning Manager for OS Deployment server:

 

   5. Browse to the folder where the RPM file was copied:

 

 

   6. Wait for the  the  rbagent component to display the  information extracted from the RPM file

 

    7. Set the software module description. You should add the Linux distribution and the architecture to the Description, so that it can be easily found in the list of all software modules. You can also change the Description after the module is created.

 

   8. Enter the installation command as specified in the Tivoli Provisioning Manager for OS Deployment User's Guide:

 

    9. Wait for the software module creation to complete.  If  you have not changed the description value earlier, you can do it now:

 

Create a Linux software module to import the IBM Endpoint Manager Certificate file

If you want to connect the IBM Endpoint Manager client to the  IBM Endpoint Manager server at the end of the OS provisioning, the certificate file must be imported as  a software module.

To create this custom software module, you must use a custom script to copy the masthead file. This script is provided here only as a sample without any warranty about its behavior. The certificate file name MUST be actionsite.afxm

#!/bin/bash

if [ ! -d  /etc/opt/BESClient/ ]; then
    mkdir -p /etc/opt/BESClient/
fi

cp -f /install/masthead_workstation/actionsite.afxm /etc/opt/BESClient/

/etc/init.d/besclient start

 

1. Log in to the Tivoli Provisioning Manager for OS Deployment web user interface and browse to Server -> OS Deployment -> Software modules

2. Click on new Software button (bottom left of the page). The following wizard opens; select Linux software module

3. Choose a custom action software module

 

4. Choose a "set of files to copy on the target computer" option

 

 

5. Choose the machine where the script and the certificate have been copied. They MUST  be in the same directory

6. Browse to the folder where the files were copied

 

   7. Check that the folder contains only the files you need:

 

 

 

8. Optionally, you can set the description name to a value different from the default

 

 

9. Specify the command to launch on the target:

 

10. Wait for the software module creation to complete.

 

 

Step 3: Create or edit a deployment scheme (optional)

Deployment schemes contain settings that define how the deployment of the operating system is done. When you install Tivoli Provisioning Manager for OS Deployment server, a deployment scheme with name "Default" is always created. You can edit settings in the default scheme  or create a new deployment schema. You can view details about creating and editing a deployment scheme here.

 

To edit an existing deployment scheme:

 

1. Log in to the Tivoli Provisioning Manager for OS Deployment web user interface and browse to Server -> OS Deployment -> Task Templates

2. Select the deployment scheme folder

 

3. Select a deployment scheme from the list and click on the  "view deployment parameters" link

4. Apply the desired changes and click ok. The recommended final action is reboot

 

Step 4: Export the deployment objects in RAD format

 

Exporting objects in RAD format is a step you perform  from the Tivoli Provisioning Manager for OS Deployment web user interface. The .rad file format is a proprietary archive format of the Tivoli Provisioning Manager for OS Deployment product.

1. Log in to the Tivoli Provisioning Manager for OS Deployment web user interface and browse to Server -> OS Deployment -> Software modules

2. Click on RAD export button at bottom of the page. The export wizard opens

3. Select the IEM Endpoint Manager client and "Copy masthead_workstation" software modules, the deployment scheme ("Default" if no other deployment schemes were added) and the Linux profile created above. Then click next

 

4. Select the destination folder

If file size is less than 2 GB, you an also download it  through an HTTP connection (link at the top of the wizard), otherwise one of the possible options MUST be selected. After the .rad file has been saved locally, it has to be copied to IBM EndPoint Manager Server environment. Then you can import it to the Image Library dashboard.

Step 5: Import the .rad file to the IBM Endpoint Manager Server

 

You import the .rad file to the IBM Endpoint Manager Server through the Image Library Dashboard. Log in to the IBM Endpoint Manager Console. In the OS Deployment and Bare Metal Imaging site, select Image Library. The Image Library Dashboard opens. Click Import Image

 

Browse to the folder where the .rad file was transferred. Select the .rad format (bottom right of the wizard) and select the .rad image file:

 

Select the file and click on open; then click Analyze. The import step starts with an image introspection and then proceeds in the background (green arrow visible on the console).  It may take some time, depending on the IBM Endpoint Manager server performance and other factors (IBM Endpoint Manager console on a different machine from  IBM Endpoint Manager Server). At the end of the import process, the image will be available in the Image Library dashboard. Select it and click the Send to Server button to copy it to the Bare Metal Server.

 

 

The copy action can  take time, and is affected by the  network bandwidth between the IBM Endpoint Manager Server and the  IBM Endpoint Manager relay. When the action is complete, you can check that the image is available at the  Bare Metal Server side from both the Image Library and Bare Metal Server Manager dashboards.

 

From the Image Library Dashboard:

 

 

 

 

From the Bare Metal Server Dashboard:

 

 

You are now ready to provision the operating system using the Server Automation fixlets. More details about the behavior of these fixlets is  available here: deployment of .rad profiles

 

Deploying the RAD profile from the IBM Endpoint Manager Console

 

Deploying the profile through direct invocation of the RAD fixlets

To deploy the profile using the Server Automation RAD fixlets, from the set of available fixlets, select number 133 or number 107.

The main difference is that fixlet 133 as a first step registers the target of the OS provisioning to the Bare Metal Server and then asks  for the  hostname of the machine being provisioned. On the contrary,  fixlet 107 uses the hostname which is already registered in the Bare Metal Server database. You must specify the target and .rad profile values in the Fixlet fields, then you run the Fixlet on  the Bare Metal Server.

 

 

Even if the fixlet is marked as complete on IBM Endpoint Manager console, it does not necessarily mean that the actual OS provisioning  has completed too. You can monitor the progress of the OS provisioning from the  Deployment Activity Dashboard.

 

 

 

OS Provisioning using an Automation Plan

You can create custom Automation Plans that have OS provisioning as a first step, by using one of the Fixlets described in the previous paragraphs.

 

At the end of the OS provisioning, the new machine is registered to IBM Endpoint Manager server

 

A printable (pdf) version of this page is available at the link below:

Linux OS Deployment using Server Automation