11 Replies Latest reply on Feb 7, 2011 2:55 PM by Bill Robinson

    Does ProvisioningServer really execute jobs?

    R V

      Hi out there,

       

      we set up a new environment with config/nsh-proxy on host1 and some jobservers on host2. host1 also "owns" the ip-address for the bmi-callback on port 9831.

       

      By reading through the threads I realized that a JOBserver is needed to set the sslPort to 9831 - which in our environment is - by design - not possible. Now it would be an easy task to add a JOB-deployment. But - again by design - this JobServer should not execute anything.

       

      And here comes my question:

      Is the "job-executing"-functionality really needed when receiving the bmi-callback on port 9831? Or is it safe to just set some "work-item-thread"-settings (don't know the exact name at the moment) to zero so no jobs are executed on host1 (and leave all the jobs for host2)?

       

      btw: if it's of any interest - this installation is on BL7.6

        • 1. Does ProvisioningServer really execute jobs?
          Bill Robinson

          9831 is for the job server profile type.

           

          why is it not possible in your enviornment to talk to that server?

          • 2. Does ProvisioningServer really execute jobs?
            R V

            The "design" is to have only CONFIGURATION and NSH_PROXY-server on that host1. But this host has also the IP-address for the provisioning-LAN. As we have a cluster this one address is switched to the active host. The jobserver(s) (in fact we have four of them - yes, maybe that's an important information here ) are not clustered.

             

            And: as always I'm interested in the things going on "behind the curtain"...

            • 3. Re: Does ProvisioningServer really execute jobs?
              Bill Robinson

              That design was incorrect then.

               

              Or add a job instance to the config server but setup the job routing rules so that it never runs jobs.

              • 4. Does ProvisioningServer really execute jobs?
                R V

                "That design was incorrect then."

                 

                according to the software's capabilities you are right. But from the customer's view I would say the software is "incorrect" - it depends on the viewpoint.

                 

                "Or add a job instance to the config server but setup the job routing rules so that it never runs jobs."

                 

                That nails down the opinion that the software is not well designed at this point: if no job has to be run on the server (i.e. host1) - why do I have to configure a JOBserver?

                 

                But - this answers my underlying question: the (so called) JOBserver is only needed to listen on port 9831 and not to execute any real job. Thank you!

                • 5. Re: Does ProvisioningServer really execute jobs?
                  Bill Robinson

                  Provisioning is a Job.  it just is backwards in that the target is polling the appserver for what to do instead of the other way around.  running provisioning is not a function of the ‘config’ server or the ‘nsh_proxy’ server profile types.

                  • 6. Does ProvisioningServer really execute jobs?
                    R V

                    Mmh, that sounds interesting. I think that most of the provisioning-tasks are executed by one of the job-servers. Actually the provisioning went very far (I'm not at the customer at the moment), the SuSE files were fetched from the pxestore and installed. The only thing that - to my memory - did not happen was the bmi-callback. There was some message like "port 9831 is not available on 11.22.33.44" (<= the above named IP-address).

                     

                    I will check tomorrow and add the exact mesage here and how far the installation actually went.

                    • 7. Re: Does ProvisioningServer really execute jobs?
                      Bill Robinson

                      Try it w/ windows and you will not get as far.

                      • 8. Re: Does ProvisioningServer really execute jobs?
                        Paul Seager-Smith

                        I can understand the point about it not making complete sense to have the 9831 port attached to the Job server, at least for provisioning. The sole purpose of this connection for provisioning is to update the database with the status of the provisioning process on the target. It does not interact with the provisioning job at all - the job can even be running on a separate physical machine and it will still pick up the update through the DB. Also, the other incoming connections from external systems all go into the CONFIG server, so it would logically make more sense. The SSL port is needed for other functionality on the JOB server though.

                         

                        That said, this is the way it is currently designed and there are reasons for the design, some of which we may not be aware of. You can raise an RFE to get this changed, but I think that it would make more sense to remove the need to have a connection from the BMI back to the app server at all.

                         

                        Regards,

                         

                        Paul

                        • 9. Re: Does ProvisioningServer really execute jobs?
                          R V

                          Thanks to both of you!!!

                           

                          Some additional info as promised:

                           

                          w/o JOBserver configured the provisioning history tells us that the provisioning job is executed on some jobserver-deployment on host2

                           

                          "Executin work item Provision Job:PollForProvisionedWorkItem; on application server: JobServerA1"

                          (with JobServerA1 running on host2)

                           

                          The installation runs through including installation of rscd-agent. After the agent-installation the error-message (complete message-sequence) that appears w/o the JOBserver configured is:

                           

                          Host Address: 11.22.33.44

                          host:11.22.33.44 port:0931

                          comm to provisioning server started

                          comm: to connect

                          connect to 11.22.33.44:failed

                          Could not connect to 11.22.33.44:9831. EC: 111

                          could not connect to blademetal server!

                           

                          Now I configured a JOBserver-deployment on host1 and did the following settings:

                           

                          blasadmin -s configandjobserver set AppServer MaxJobs 0

                          blasadmin -s configandjobserver set AppServer MaxJobThreads 0

                          blasadmin -s configandjobserver set AppServer MaxWorkItemThreads 0

                           

                          The provisioning job runs again on JobServerA1, could now connect to port 9831 on host1 and finishes as expected!

                           

                          Regarding this one from Paul:

                          "The SSL port is needed for other functionality on the JOB server though."

                           

                          Do you know of some or all of this "functionality"? The documentation just tells about:

                           

                          "SSL Communication Port 9831 Required if using Provisioning"

                           

                          and

                           

                          "9831 TCP Application Server Bare Metal Image communication to and from the Application Server. (By default the Application Server uses this port for SSL communication.)

                          • 10. Re: Does ProvisioningServer really execute jobs?
                            Paul Seager-Smith

                            I though 9831 was also used for the inter app server communication, but it's not, so it does seem like provisioning is the only place that uses this port.

                             

                            As Bill said though, most provisioning for Windows, RedHat and Solaris will fail part of the way through if this port is not reachable.

                            • 11. Re: Does ProvisioningServer really execute jobs?
                              Bill Robinson

                              Nope.  That’s 9836 and the port range 9850-9899