BladeLogic FAQ

Version 1
    Share:|

    This is rev 0.0.1 of Sean's unofficial BladeLogic FAQ.  It is very much a work in progress.  Contributions welcome.  If this is stale, please bug me about it.

     

    ------------------------------------

    Appserver Installation

    ------------------------------------

     

      A skilled administrator should be able to install BladeLogic in about 30 minutes, with the proper resources at hand.  These include, a configured database, the "external files" zipfile, which contains the db setup scripts, the appropriate installers for your platform (beware 64-bit installers).

     

    For Windows, the agent is usually installed on the application server before the application server and other optional components (like provisioning utilities).  For UNIX, the OM installer contains the bits to install the GUI, the appserver, agent, and all provisioning components.

     

    UNIX: Hit 'q' to skip reading the license agreements.

     

    Either way, make sure to configure appropriate ACLs (these are documented in the install guide) on the fileserver agent before doing the post-install setup.  One way to configure these (and not necessarily the right ones for you or your environment) is to replace the default entry in the /usr/lib/rsc/exports or C:\Windows\rsc\exports files with "* rw,user=root" or "* rw,user=Administrator". 

     

    --------------------------------------

    Agent Installation

    ------------------------------------

     

    The fastest and easiest way to install a single UNIX agent is by copying the ".sh" or "shell script" version of the agent out to the target system (I usually put them in /tmp), and running "RSCD-<version>-<platform>.SH -silent".  To configure the agent to install to a different path, simply configure an "nsh-install-defaults" file (a type of silent response file), and put it in the same path as the installer.

     

    The fastest way to install one or more Windows agents is by generating an InstallShield Silent response (.iss) file.  You can do this by running (from c:\temp):

     

    c:\temp\rscd.exe -a -r -f1c:\temp\rscd.iss

     

    (the -r means "record")

     

    Then, on another system, you can use this by copying out the agent .exe and the newly-created .iss file, and doing:

     

    c:\temp\rscd.exe -a -s -f1c:\temp\rscd.iss

     

    Either way, I recommend either building the response files so that they grant access to at least one user (for example, BLAdmins:BLAdmin, or another administrative user) administrative privileges, or copying privilege files

     

    -------------------------------------

    Licensing

    ------------------------------------

     

    Use the agentinfo utility from an NSH prompt (and an account with the appropriate privileges on that particular agent (exports or users files)) to verify that the agent is licensed.  After initial installation, there is a 10 day temporary license.  The License field will show "License for NSH/CM expires on January 10, 200x".  Once permanently licensed, it will show "Licensed for NSH/CM".  If the license has expired (or the underlying configuration changes, invalidating the license), it will show "Not Licensed".

     

    To license (or re-license) an agent, use either the automated network-based licensing utility, "autolic" as: "autolic <username> <password> host1 [host2 host3 ...]", or the manual "getlic" and "putlic" utilities.  getlic retrieves licensing information from the agent, stores it in a "license.raw" file in the local directory (that getlic was run from).  You then upload that to the BladeLogic licensing website, and it will give you a "license.dat" file to download.  Put that in the same directory (or another), run "putlic" from there, and it'll push licenses back to each of the host entries in the license file.

     

    ------------------------------------

    ACLs (agent)

    ------------------------------------

     

    There must either be a host entry or a user-specific entry in one of the exports, users, or users.local files.  The exports file can also be used to manage which hosts (to restrict access to the appservers only, for example) the agent will listen to. 

     

    ------------------------------------

    Change Tracking

    ------------------------------------

    Snapshot jobs can be used to capture the state of server configuration objects at a point in time.  The change between one or more snapshots can be used to track changes on a server.  As of the 7.5 release, Snapshot jobs can be used to directly report what has changed on a server, for example, between Sunday afternoon, after the Change window has closed, and Tuesday morning, when a problem has occurred.

    ------------------------------------

    Component Templates and Compliance

    ------------------------------------

    Component Templates can be used to collect configuration items, and measure compliance against policies and standards, including Security, Regulatory, and Build standards. 
    A Component Template is usually created, one or more configuration objects identified, and then new components are created manually, or automatically using a [Component] Discovery Job.  Components, once created, can be used just as specific configuration items, for Snapshot, Audit, and Compliance jobs.  Which components, and how they're used for each, are defined within the Component Template.  CIS and PCI policies are common examples of packaged content delivered through Component Templates.  Component Templates also allow for easy parameterization and packaging.

    ------------------------------------

    Advanced Techniques

    ------------------------------------

     

    ------------------------------------

    Bulk Installation

    ------------------------------------

    The Bulk Installer can be used to install many agents in a short window of time, and with less effort than manual installation.  If installing Windows agents, there are a few supporting tools required (like pstools).  Nmap is also helpful.  I usually just drop the executables for these into the ...OM/bin/ directories, since they're already in the search path, etc.

    ------------------------------------

    Grammars
    ------------------------------------
    Configuration objects, including Configuration Files and Extended Objects are specific files, scripts, or commands that output information in a specific format.  The product ships with over 50 different configuration formats, called grammars.  These are stored in ".gm" files.  Writing your own grammar is considered an advanced topic.  However, if you're interested in doing so, please contact Sean Berry at sean_berry@bmc.com, and he'd be glad to help, or direct you to the appropriate person to help.