® © 2006 IBM Corporation Usage of TPM for ITM V6 agent install, upgrade and configuration Mike McIntyre

IBM Global Technology Services | Securities Industry Services Agenda  IBM Securities Industry Services (SIS)  SIS IBM Tivoli Monitoring (ITM) V6 Environment  SIS Tivoli Provisioning Manager (TPM) Environment  TPM Software Install and Upgrade Methods  ITM V6 Install, Upgrade with createNode, addSystem, updateAgent  Benefits from using TPM ITM V6 agent automation package  Demonstration  Install of ITM agents on a server  Upgrade of ITM agents on multiple servers  Reporting of ITM agents versions  Uninstall for back out and server decommissioning  Stop, start and restart of ITM agents  ITM monitoring of TPM server

IBM Global Technology Services | Securities Industry Services IBM Securities Industry Services (SIS)  SIS has been a division of IBM Global Services since 1967  Provides a comprehensive front and back office shared processing environment for Canadian banks and brokerage firms  Wealth management services used by about 60% of the Investment Dealers Association (IDA) of Canada member firms  Securities trade processing solutions  Client account positions and balances  Web based application can be used by investment advisors and investors for placing orders and viewing clients, accounts, orders, trades, transactions, securities and households  More information at

IBM Global Technology Services | Securities Industry Services SIS ITM Environment TEP –Tivoli Enterprise Portal (client) TEPS –Tivoli Enterprise Portal Server TEMS –Tivoli Enterprise Monitoring Server R-TEMS – Remote TEMS TEMA –Tivoli Enterprise Monitoring Agent

IBM Global Technology Services | Securities Industry Services SIS ITM Environment  Distributed operating systems of AIX, SLES Linux on z, RHAS Linux on Intel and Windows  Mainframe systems of z/OS and z/VM  ITM V6 OS Agents  m5 OMEGAMON XE on z/OS  lz Monitoring Agent for Linux OS  nt Monitoring Agent for Windows OS  qv Monitoring Agent for VMware ESX  um Universal Agent  ux Monitoring Agent for UNIX OS  vl OMEGAMON XE on z/VM and Linux  ITM V6 Middleware Agents  cp OMEGAMON XE for CICS on z/OS  dp OMEGAMON XE for DB2 PE and PM on z/OS  ip OMEGAMON XE for IMS on z/OS  s3 OMEGAMON XE for Storage on z/OS  mc WebSphere MQ Configuration Agent  mq WebSphere MQ Monitoring Agent  n3 OMEGAMON XE for Mainframe Networks  qi WebSphere Message Broker Monitoring Agent  ud Monitoring Agent for DB2  yn Monitoring Agent for WebSphere

IBM Global Technology Services | Securities Industry Services SIS TPM Environment  Deployment of TPM started in January 2008  TPM Fix Pack 1 Interim Fix IF00003 on SLES 9.0 Linux on z  TPM database on separate DB2 V8 SLES 9.0 Linux on z server with HADR to a standby DB2 server  SSH for Linux, UNIX and SMB/CIFS/DCE/RPC for Windows. TPM uses Remote Execution and Access (RXA) for agentless management of remote target computers using these protocols  sudo on Linux, UNIX used to permit a user, group to run certain commands as root or another user. /etc/sudoers entry for userid tpm to run all commands. Documented list of security controls approved by our security group and implemented  TPM workflow code of Device.ExecuteCommand will sudo sh for root or sudo su – userid if need to run script or command as another user  No Tivoli Common Agent (TCA) installed. TPM inventory scan supported for agentless

IBM Global Technology Services | Securities Industry Services TPM Software Install and Upgrade Methods – Automation Packages  Usage of TPM automation packages to copy and execute scripts, commands  TPM executing script with product install, upgrade commands and response file. Script exits with non-zero return code if failure  Installation code in sharable file system. No additional space requirements for installation, patch tar files extracted on target computers. Prevent failures due to lack of filesystem free space and extra time copying, extracting tar file  Installation code repository located in z/VM minidisks mounted read-write on single Linux on z system for update. Mount read-only on other Linux on z systems for software install, upgrade deployments. Accessible on all networks  NFS server on a single Linux on z server in each network for AIX and Linux on Intel software install and upgrade deployments  Future possibility to use Samba on Linux on z server for Windows software install and upgrade deployments  Installation code tar, zip file in TPM file repository that is copied to target computers and extracted

IBM Global Technology Services | Securities Industry Services TPM Software Install and Upgrade Methods – Software Package Block (SPB)  SPB from Tivoli Configuration Manager (TCM) can be installed with TPM and TPM for Software  SPB is created, updated with Software Package Editor and contains:  Variables and conditions check. e.g. $(os_name) == AIX  System actions to check free disk space and restart computer  Program actions to install vendor package (Microsoft MSI, Linux rpm, etc.) or execute program, script  Software installable file. SPB is unzipped on target computer  Requires Tivoli Common Agent (TCA)  IBM products can include SPBs. ITM create SPB package with:  tacmd ExportBundles -t lz -o spb -p li6263 -e /myDir  Optional use of Scalable Distribution Infrastructure (SDI) with depot servers to reduce bandwidth usage, installation time when transferring data from SPBs over WAN

IBM Global Technology Services | Securities Industry Services ITM createNode, addSystem, updateAgent  Populate ITM V6 agent installation code in ITM depot  Install Operating System (OS) agent with tacmd CreateNode  Linux, UNIX computers require the usage of userid root and password. Security policy can disallow remote root login  Install non-OS agents with tacmd addSystem  Upgrade a single agent product code with tacmd updateAgent  Updating agents involves stopping any that are running, applying the changes, and restarting them. With multiple agents on a server, extra time to stop and start agents  itmpatchagents can be downloaded from OPAL for instructions and script to scan and update group of agents with tacmd updateAgent

IBM Global Technology Services | Securities Industry Services Benefits from TPM ITM V6 automation package  Manual procedure to login to server, stop ITM agents, upgrade and start ITM agents  15 minutes per server. For 30 servers is 450 minutes or 7.5 hours  TPM install of ITM V6 product with mode upgrade to group of servers  5 minutes per server with TPM default of executing 5 deployments at a time. For 30 servers is 30 minutes  (Time saving per upgrade cycle is 44.5 hours) x (3 upgrade cycles per year) = hours total times saving per year  136 hours for development of first automation package for ITM V6 agent. Return on investment is 12 months after 3 upgrade cycles completed  Larger sized environments would experience greater time savings  TPM global variable default concurrency level or scheduled task property Concurrency Level could be raised higher depending on TPM database performance and amount of database update activity by workflows  5 minutes per server with TPM concurrency level changed to executing 10 deployments at a time. For 30 servers is 15 minutes  Consistent deployment method with different people executing deployment  Faster development for subsequent automation packages with reusing ITM workflow code