Network Environments and OpenManage Remote Install

Enterprise Systems Group (ESG)
Dell White Paper
By Danny Bertram, Benjamin Lai, and Anusha Ragunathan
November 2002


Contents

Introduction
Embedded Dell DHCP Server
    Types of Scopes
    Requirements of the Embedded DHCP Server
    Restrictions Involving Scopes
    Multiple Network Interface Cards (NICs) and IP Addresses
    Router Support
    Coexistence with other DHCP/PXE Servers
    Coexistence with other DHCP Servers on the Same Local Subnet
    Coexistence with other DHCP Servers on a Remote Subnet
DHCP Client on Remote Install Agents
    Vendor Class ID
    DHCP Clients IP Renewal
    Can Clients Respond to a DHCP Server in the Network other than the DDHCP Server?
How Remote Install Image Server Finds the Agents
    Installation of Remote Install Agents
    Discovery Process
Capture Process Reset IP Address
Processes Involving Storage Shares
    How Storage Works
    Setting up Storage Shares
Best Practices for Network Topology
    Single Connection Network Segment
    Single Management, Multiple Connection Network Segment
    Admin Console and Image Server in Separate Subnets
    Multiple Management Subnets

Figures


Figure 1: Target System Across the Router from the Kickstart Engine (on the Image Server)
Figure 2: Single Connection Network Segment
Figure 3: Admin Console Outside the Single Network Segment
Figure 4: Multiple Management Subnets


Section 1: Introduction

Dell OpenManage™ Remote Install is a solution for provisioning and configuring Dell™ PowerEdge™ 1655MC blade servers in remote and automated mode over a network by using image-based technology. [1]

The networking environment in OpenManage Remote Install includes:

- DHCP (Dynamic Host Configuration Protocol) Server

  DHCP provides a method for passing configuration information to hosts on a TCP/IP network. DHCP is based on the Bootstrap Protocol (BOOTP) for booting network devices, but adds the capability of automated allocation of reusable network addresses and additional configuration options. DHCP works with BOOTP relay agents.

  DHCP is a network protocol used to administer IP addresses on a network. Each computer configured to use DHCP requests an IP address from the DHCP server as it starts.

- Pre-OS and Post-OS Agents

  Target systems have Agents that enable clients (DHCP, pump, or PXE (Pre-boot Execution Environment)) to request IP addresses.

- TFTP (Trivial File Transfer Protocol) Server

  The TFTP Server is used to download the boot image to the target systems.

- PXE Server

  The PXE Server encompasses the DHCP Server, the TFTP Server, and the control logic behind the boot process. PXE is three technologies that create a standard set of pre-boot services in the boot firmware of Intel Architecture systems:

  - A protocol for requesting the allocation of a network address and requesting the download of a boot image
  - A set of APIs in the system’s pre-boot firmware used by the boot image or BIOS
  - A method of initiating the pre-boot firmware to execute the PXE protocol on the system

  Using these technologies, a system can enter a network, acquire a network address, and perform a network-based boot process.

  Dell PowerEdge servers include NICs with PXE BIOS support, and can be configured to boot first from the network through the BIOS boot order. PXE co-exists with other boot devices such as Floppy, CDROM, and Hard files. Boot order is defined in the system’s BIOS.

- Image Storage Server

  The Remote Install Storage Server is used for storing:

  - Images that are captured from target systems
  - Update packages that are used to configure the settings of target systems

This study describes in detail the functionality and working of these components in OpenManage Remote Install. It also provides best practices as guidance for network administrators who are setting up Remote Install.

[1] OpenManage Remote Install: Remote Configuration and Image-Based Deployment for Dell Servers, by Richard Landau and John Zhang, Ph.D. (Power Solutions, August 2002, http://www.dell.com/us/en/esg/topics/power_ps3q02-landau.htm)


Section 2: Embedded Dell DHCP Server

Dell OpenManage Remote Install includes an integrated DHCP/PXE server. The integrated DHCP/PXE server is a full-function DHCP server configured to support only specific clients. The PXE function is configured to respond only to Dell PowerEdge servers. All PXE-enabled Dell servers will be booted with the Dell OpenManage Remote Install pre-OS agent, which is a mini Linux operating system that the Remote Install TFTP server sends out. The pre-OS agent detects the hardware and operating system on the target system. If the target system type is not in the list supported by Remote Install, Dell DHCP (DDHCP) will deny this system and block it from PXE booting again. As of version 1.0, Remote Install only supports Dell PowerEdge 1655MC servers.

The embedded DHCP/PXE server supports multiple subnets: local subnets via multiple NIC adapters, and remote subnets across DHCP Relay-enabled routers. The embedded DHCP server can coexist with other DHCP servers on the network, and will only respond to Dell PowerEdge servers that are PXE boot-enabled or are specially configured DHCP clients.

There are two different types of Scopes supported by the embedded DHCP server. A Scope is a definition of network configuration for a subnet. For the embedded DHCP server these are: IP address, subnet mask, and gateway.

Types of Scopes

There are two types of DHCP scopes used by Remote Install:

1. General Purpose

   General Purpose scopes are allocated for PXE booting target systems. A general purpose-defined IP address is reserved for each managed system. Users must have a general purpose scope for each subnet that contains a managed server.

2. System Management

   System Management scopes allocate an IP address, subnet mask, and gateway for the system management card of the PowerEdge 1655MC and for Dell solution systems with the Dell Kick-Start support. The system management scope uses the vendor class and user class options of the DHCP protocol to identify the clients to which it will respond.


Requirements of the Embedded DHCP Server

As with most DHCP server products, the embedded DHCP Server requires static IP addresses configured on the host system. Other requirements:

- The DHCP Server requires a scope definition for each subnet for the server to respond.
- There can be only one Dell Remote Install server on a subnet. The embedded DHCP server on the second Dell Remote Install server to start up will be disabled.
- Remote Install does not support using an external DHCP server in place of the embedded DHCP server.

Restrictions Involving Scopes

Each system discovered by Remote Install has a general purpose scope defined by the IP address assigned to it. This IP address remains assigned to the system for PXE use even after the system is configured with a static IP address during the configuration stage. The IP address reserved for PXE boot will be displayed on the configuration page of Remote Install for systems in the “Wait for configuration” state and can be statically assigned to better allocate the IP address for a given subnet.

Once an IP address has been assigned for PXE boot when a system is discovered, it cannot be changed by editing the scope definition unless the system is deleted and re-discovered.

Multiple Network Interface Cards (NICs) and IP Addresses

The DHCP Server automatically detects the available IP addresses for the host system and listens on each for DHCP and PXE clients. The server will only respond to those that have a General Purpose DHCP scope defined for their subnet.

Router Support

DHCP is fundamentally a LAN-based protocol because it depends on the ability of a client system to broadcast a request over Ethernet. A DHCP server must be able to hear the broadcast message. While most Ethernet switches are transparent to broadcast messages, most IP routers are not. Routers are usually configured to block Ethernet broadcast messages. Therefore, without some assistance, a DHCP server generally can support client systems on a single physical LAN segment only. The "DHCP Relay" feature of most routers can provide that assistance.

The integrated DHCP/PXE server supports clients across routers. Most routers manufactured in the last several years include a feature called “DHCP Relay” that enables DHCP servers to serve more than one physical LAN segment. DHCP Relay is specified in RFC 1542. A DHCP Relay function forwards DHCP request messages (broadcast by client systems that want address assignments) to a specified DHCP server on some other LAN or subnet, and it forwards the replies from the DHCP server back to the client systems. With the cooperation of DHCP Relay-enabled routers, a single DHCP server can provide service to client systems on multiple LAN segments. A separate DHCP scope must be configured for each subnet.

For details on using routers with Remote Install agents, see Section 4: How Remote Install Image Server Finds the Agents on Target Systems.

Coexistence with other DHCP/PXE Servers

No other PXE server that can respond to a managed node may be on the same network as a Dell Remote Deployment server. Dell Remote Deployment will PXE boot and discover all Dell PowerEdge 1655MC servers on the local subnet and on remote subnets configured to relay DHCP requests to it.

Coexistence with other DHCP Servers on the Same Local Subnet

The embedded DHCP server can co-exist with another DHCP server. However, the managed server must be configured with a static IP address, or the other DHCP server must be configured not to respond to the MAC address of a managed server. The embedded DHCP server will only respond to servers that have been PXE booted and managed by Dell Remote Install. The embedded DHCP server can also be configured to respond to the System Management Card of the PowerEdge 1655MC, and to servers configured with Dell solutions that offer Kick-Start support on remote subnets.

Coexistence with other DHCP Servers on a Remote Subnet

The embedded DHCP server can co-exist with another DHCP server on a remote subnet only if the DHCP server on the other network is specifically configured not to respond to the server to be managed by Dell Remote Deployment. The configuration depends on the embedded DHCP server to find target systems.


Section 3: DHCP Client on Remote Install Agents

Remote Install Agents start the DHCP client, which communicates with the Dell DHCP (DDHCP) Server to obtain a temporary IP address for starting communication with the Image Server. The temporary IP address is obtained by running the DHCP Client daemon on all the network interfaces that do not have an IP address. The DHCP Client runs with the Vendor Class ID ‘DellKickstart’ so that the Dell DHCP Server can identify the request as a valid address request from a target system.

Vendor Class ID

DHCP clients use the vendor class ID to identify their vendor type and configuration. Vendors use the vendor class ID to convey identifying information relating to hardware, operating system, and so on. In Remote Install, DHCP clients use the vendor class ID ‘DellKickstart’ to identify the target system hardware as a Dell system to the DDHCP Server.
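The vendor class check described above, combined with the per-subnet scope requirement from Router Support in Section 2, as an added example that is not part of the white paper and is not DDHCP code. It parses a raw DHCP message, reads option 60 and the relay address (giaddr), and applies a simplified answer rule; the function names, addresses, MAC, and the rule itself are assumptions made for illustration.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"      # RFC 2131: start of the options field
OPT_PAD, OPT_END, OPT_VENDOR_CLASS = 0, 255, 60
BOOTREQUEST = 1


def parse_dhcp(packet: bytes) -> dict:
    """Parse the fixed BOOTP header fields used here and the option TLVs."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (short packet or bad magic cookie)")
    hlen = min(packet[2], 16)
    options, i = {}, 240
    while i < len(packet) and packet[i] != OPT_END:
        code = packet[i]
        if code == OPT_PAD:                 # pad has no length byte
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} runs past the end of the packet")
        options[code] = options.get(code, b"") + value
        i += 2 + length
    return {
        "op": packet[0],
        "giaddr": ipaddress.IPv4Address(packet[24:28]),   # set by a relay agent
        "mac": ":".join(f"{b:02x}" for b in packet[28:28 + hlen]),
        "options": options,
    }


def select_scope(msg: dict, recv_ifaddr: str, scopes):
    """Relayed request: match giaddr. Local broadcast: match the receiving NIC."""
    origin = msg["giaddr"]
    if int(origin) == 0:
        origin = ipaddress.IPv4Address(recv_ifaddr)
    return next((net for net in scopes if origin in net), None)


def should_answer(packet: bytes, recv_ifaddr: str, scopes,
                  accepted_classes=(b"DellKickstart",)):
    """Return (answer?, reason). Simplified model, not the DDHCP decision logic."""
    msg = parse_dhcp(packet)
    if msg["op"] != BOOTREQUEST:
        return False, "not a client request"
    # Option 60 is a label the client supplies; it filters, it does not authenticate.
    if msg["options"].get(OPT_VENDOR_CLASS) not in accepted_classes:
        return False, "vendor class not accepted"
    scope = select_scope(msg, recv_ifaddr, scopes)
    if scope is None:
        return False, "no scope defined for the client's subnet"
    return True, f"scope {scope}"


def build_discover(mac: bytes, giaddr: str = "0.0.0.0", vendor_class=None) -> bytes:
    """Build a constructed DHCPDISCOVER for the demo (sample input only)."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        BOOTREQUEST, 1, 6, 0, 0x1655AB01, 0, 0x8000,
        bytes(4), bytes(4), bytes(4), ipaddress.IPv4Address(giaddr).packed,
        mac, b"", b"")
    options = bytes([53, 1, 1])             # option 53 = DHCPDISCOVER
    if vendor_class is not None:
        options += bytes([OPT_VENDOR_CLASS, len(vendor_class)]) + vendor_class
    return header + MAGIC_COOKIE + options + bytes([OPT_END])


# Constructed sample data: one scope, a server NIC on that subnet, a made-up MAC.
SCOPES = [ipaddress.IPv4Network("192.168.10.0/24")]
SERVER_NIC = "192.168.10.1"
MAC = bytes.fromhex("0200165500a1")

if __name__ == "__main__":
    cases = {
        "local agent": build_discover(MAC, vendor_class=b"DellKickstart"),
        "relayed, no scope": build_discover(MAC, "192.168.20.1", b"DellKickstart"),
        "other vendor class": build_discover(MAC, vendor_class=b"MSFT 5.0"),
        "no option 60": build_discover(MAC),
    }
    for name, pkt in cases.items():
        print(f"{name:20s} -> {should_answer(pkt, SERVER_NIC, SCOPES)}")
```

The relayed case is refused only because no scope covers 192.168.20.0/24, which is the situation the "separate DHCP scope for each subnet" requirement prevents.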

DHCP Clients IP Renewal

A DHCP client renews its IP address with the DHCP server once the lease time expires. This way the communication between the Image Server and the target system is continual. However, on a Linux system, after a static IP address is assigned to the NIC, the DHCP client will still keep renewing its lease, which means the NIC configuration set by the Image Server could be overwritten by the DHCP client. To avoid this conflict, the Remote Install Linux agent kills the DHCP client after the target system is configured. This way the new IP address that the NIC is configured with takes effect.

Can Clients Respond to a DHCP Server in the Network other than the DDHCP Server?

As far as the DHCP client at the OS level is concerned, the client can obtain a DHCP IP address from a different DHCP server on the same subnet, unless the other DHCP server blocks the client request due to restrictions in its configuration. After the client obtains an IP address, the agents start communicating with the Image Server as expected.

The user has to be careful in this scenario. If the other DHCP server hands out an address that is in a different subnet from that of the DDHCP server, there would be no further communication between the client and the DHCP server, and thus the system would get disconnected from the DDHCP Server and consequently from the Image Server.


Section 4: How Remote Install Image Server Finds the Agents

Installation of Remote Install Agents

Installation of the Remote Install Agents is done using the Dell OpenManage Systems Management CD in either of the following modes:

- Configure Mode of Installation sets all NICs of the target system to obtain a DHCP IP address from the DDHCP Server. This type of agent installation will also disable the auto-IP function on the target system. After successful configuration, auto-IP will be enabled again.

- Do not Configure Mode of Installation retains the existing network settings of all NICs in the target system.

Discovery Process

Remote Install includes a configuration engine called Kickstart Engine. This engine communicates with the Remote Install agents on the target systems to configure operating system parameters such as:

- Time-zone
- Hostname
- Domain name
- Administrator password
- Adding a user
- Setting the DNS information
- Setting the NIC information

There are three ways in which the Kickstart Engine finds the agents installed on the target systems:

1. BROADCAST

Kickstart Engine sends broadcast (BEACON) messages every 30 seconds to all systems in the same network. The Remote Install agent replies to the BEACON with an AVAILABLE message. This way the Kickstart Engine discovers that a target system is available on the network.

2. UNICAST

The DHCP Client on the target system requests an IP address from the DDHCP Server. The information that a target system requested an IP address is communicated to the Kickstart Engine. Then, the Kickstart Engine sends unicast messages to the target system.

3. USING STATICIP.TXT

If the target system sends DHCP client requests to the DHCP server, then that information is communicated to the Kickstart Engine and unicast messages are sent to the target system. If a target system has a static IP address and the user installs the agents in the Don’t configure mode, then the target system will not run the DHCP client for its NICs. Also, if the target system is across the router, then the Kickstart Engine will not be able to communicate with this system, since the broadcast messages will not reach the other side of the router (see Figure 1). Because the target system has a static IP address, the DHCP client never gets to run on the target system. As a result, the Kickstart Engine needs to communicate directly with the target system. This is made possible by defining a file called StaticIP.txt in installDrive:\dell\openmanage\netstart. This file contains the IP address of the target system so that the Kickstart Engine can communicate with the target system.

Figure 1: Target System Across the Router from the Kickstart Engine (on the Image Server)

[Figure 1 diagram: the Image Server, a Router, and a Target System with a static IP and the Agent installed in nocfg mode.]

Section 6: Capture Process Reset IP Address

A target system can be captured for two purposes:

1. Deployment to other servers
2. Backup

When a system is captured for deployment to other servers, the network personalization of the source system should be cleaned up so that deployment to other servers does not result in IP address conflicts.

Before the target system is captured for deployment to other servers, Pre-capture scripts are run in order to remove the network personalization of the Captured Image. The Pre-capture scripts do the following:

- Clear out the IP address of the NICs of the target source system and set them to DHCP
- Clear out the hostname of the target source system
- Clear out the domain name of the target source system

In Windows, this process is handled using the Microsoft Sysprep utility.


Section 7: Processes Involving Storage Shares

How Storage Works

Remote Install storage is used to store images of the target systems and the update packages needed to configure the settings of the target systems. Remote Install can access the storage locally on the image server, or the storage on a remote system on the network (storage server) if a shared folder is available.

When stored images are deployed to a target system, the target system opens an SMB (server message block) connection to the storage share using the IP address and share name. So no matter what kind of network environment is involved, the only requirement for using storage is that the target system can route to the storage location.

Target systems will only access the storage location when they are in Active OS mode.

Setting up Storage Shares

Procedures for setting up a storage share are quite simple. Users need to enter the storage location (\\IPAddress\share format) with a user name and password. Remote Install does not allow an empty user name, but does allow an empty password to add storage.

To make sure the storage settings are valid, users need to consider their network settings as a whole:

- In most cases, users should set up a storage location for each of their subnets. A target system in one subnet can talk to the storage location in the same subnet.

- If users do not want to manage too many storage directories, they can choose to have one storage system connect to all subnets, and define the same storage location multiple times with different IP addresses.

- Even if different storage locations point to the same physical directory location, the images under one storage location cannot be accessed by target systems in another subnet unless routing functionality is applied. Remember that the target system always needs to mount the storage location by the IP address defined.

- Users can turn on the routing functionality in the network environment. In the active operating system, the target system uses the dynamic IP address assigned by DDHCP. Users need to define the default gateway when they define the DHCP scope. The gateway information will be used for routing purposes.
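A pre-flight check for the storage rules above, as an added example that is not part of the white paper or of Remote Install. It validates the \\IPAddress\share format and the credential rule, then reports for each DHCP scope whether a storage location is on the same subnet, reachable only through the scope's gateway, or unreachable. The class and function names, addresses, and account name are constructed, and "via gateway" assumes the router really forwards between the two subnets.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import Optional

UNC_RE = re.compile(r"^\\\\(?P<host>[^\\]+)\\(?P<share>[^\\]+)$")


@dataclass
class Scope:                      # one DHCP scope: subnet plus optional default gateway
    network: ipaddress.IPv4Network
    gateway: Optional[ipaddress.IPv4Address] = None


@dataclass
class Storage:                    # one storage definition as entered by the user
    location: str
    user: str
    password: str


def parse_location(location: str):
    r"""Split a \\IPAddress\share string; the host part must be an IPv4 literal."""
    m = UNC_RE.match(location)
    if m is None:
        raise ValueError(f"not in \\\\IPAddress\\share format: {location!r}")
    return ipaddress.IPv4Address(m["host"]), m["share"]


def credential_findings(st: Storage):
    """Apply the rule from the text: user name required, empty password allowed."""
    findings = []
    if st.user == "":
        findings.append("empty user name: not accepted by Remote Install")
    if st.password == "":
        findings.append("empty password: accepted, review the share's access control")
    return findings


def reach(scope: Scope, st: Storage) -> str:
    """How a target holding an address from this scope would get to the share."""
    ip, _ = parse_location(st.location)
    if ip in scope.network:
        return "on-link"
    if scope.gateway is not None and scope.gateway in scope.network:
        return "via gateway"      # assumption: the router forwards between subnets
    return "unreachable"


def storage_matrix(scopes, storages):
    """Map each scope to {storage location: reachability}."""
    return {str(sc.network): {st.location: reach(sc, st) for st in storages}
            for sc in scopes}


def scopes_without_storage(scopes, storages):
    """Scopes whose targets cannot mount any of the defined storage locations."""
    return [net for net, row in storage_matrix(scopes, storages).items()
            if all(state == "unreachable" for state in row.values())]


# Constructed sample data: three scopes and one storage location.
DEMO_SCOPES = [
    Scope(ipaddress.IPv4Network("192.168.10.0/24"),
          ipaddress.IPv4Address("192.168.10.254")),
    Scope(ipaddress.IPv4Network("192.168.20.0/24")),           # no gateway defined
    Scope(ipaddress.IPv4Network("192.168.30.0/24"),
          ipaddress.IPv4Address("192.168.30.254")),
]
DEMO_STORAGES = [Storage(r"\\192.168.10.5\images", "riadmin", "")]

if __name__ == "__main__":
    for net, row in storage_matrix(DEMO_SCOPES, DEMO_STORAGES).items():
        print(net, row)
    print("no usable storage:", scopes_without_storage(DEMO_SCOPES, DEMO_STORAGES))
    for st in DEMO_STORAGES:
        print(st.location, credential_findings(st))
```

Defining the same share a second time under an address in 192.168.20.0/24, as the second list item suggests, clears the "no usable storage" result for that scope.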


Section 8: Best Practices for Network Topology

Remote Install can be set up in a variety of network topologies. This section defines the best practices for Remote Install network topology.

Single Connection Network Segment

This configuration is a simple network configuration in which the image server, target systems, and admin console are all in one subnet (see Figure 2). The image server and target systems either have a single NIC, or they have multiple NICs but only one is connected and all others are disabled or unplugged.

Figure 2: Single Connection Network Segment

A single connection network segment requires:

- All target systems must have PXE boot enabled in the BIOS settings. PXE boot must be set before booting from local disks. Without PXE booting, target systems are not manageable by Remote Install.

- The Remote Install image server normally lists all NICs of a target system that it recognizes. If a NIC is not recognized by the OS (due to lack of a driver), or a NIC is disabled, then the image server will not recognize it. But if a NIC is unplugged but enabled, then it is configurable by the image server.

- Remote Install lists all NICs of a target system in the order that the OS lists them, which might not be the order a user prefers. Users need to be clear about how this order maps to the physical location of each NIC so that they configure the right NIC with the right IP address. If users mistakenly configure the NIC connected to the image server, then communication between the image server and the target system will be lost and the target system is no longer managed.

- When users enter a file path string from the admin console, all drive letters (C:, D:, and so on) are interpreted as image server local drives. They do not refer to the local drives of the system where the admin console resides.

The above network setting requirements apply not only to a single connection network segment, but also to all other settings.

Single Management, Multiple Connection Network Segment

In this configuration, multiple NICs exist for the target systems. Each target system has one NIC connected to the management network. Target systems have other NICs connected to other subnets.

This setting can be chosen when users do not want DHCP/PXE in the data center. They can build a LAN of management segments and have one NIC (NIC1 in the figure below) of the target system connected to this LAN without interfering with the data center networking (NIC 2).

Setting up this type of network requires:

- Since all target systems have another NIC connection to the data center or Internet, the IP configuration is very sensitive. Users should choose No configure mode when installing the Remote Install agent on the image server when they introduce a legacy system to Remote Install. If they have to configure the NIC, they should clarify the order of all NICs and configure the right one.

- When capturing such a target system, users should be aware that “Capture for deployment” has some influence on the target system. A mini-setup Sysprep process runs after capture. This capture will also erase all static IP addresses on the target system and replace them with DHCP settings. To avoid DHCP problems, users can either take the system offline and configure it before replacing it in the data center, or, if taking it offline is not an option (e.g., the target system is a web server and needs to be on duty all the time), users can choose the “Capture for backup” option so that the target system is untouched. However, with this option the image being saved has the same IP address as the original system. If users deploy that image to another target system, they should not introduce the system to the data center until they reconfigure the IP address. Otherwise, IP address conflicts will occur.

- Remote Install configuration does not support multi-host servers (multiple IP addresses on a single NIC). Users cannot add an IP address to a NIC, as doing so will erase the old IP address and assign a new one.

Admin Console and Image Server in Separate Subnets

In this configuration, the admin console is not in the management subnet (management network); see Figure 3. Users should prepare the web hosting of the image server so it can hear the request from the admin console. Also, since the image server has multiple live connections, the embedded DDHCP will listen on all of these connections.

Figure 3: Admin Console Outside the Single Network Segment

Setting up this type of network requires:

- The image server has more than one NIC connection. The embedded DDHCP server is designed to listen to all subnets, so the DDHCP server will receive requests not only from the management segment, but also from other subnets, including the one with the admin console. However, Remote Install DDHCP will never assign an IP address to a wrong system.

- Even though the DDHCP server listens on all subnets that connect to the image server, it will only hand out DHCP addresses in the Remote Install DHCP scopes. If users do not want DDHCP to interfere with a certain subnet, they can delete any scopes defined in that range.

- If a scope has been defined for a subnet, DDHCP will assign an IP address to a target system only if the target system has been PXE booted from the Image server. In order for PXE boot to take place, users need to adjust the boot sequence.

Multiple Management Subnets

In this configuration, the image server is used to manage multiple subnets (see Figure 4).

Figure 4: Multiple Management Subnets

Setting up this type of network requires:

- The image server must somehow discover the target systems on the other side of the router. Please refer to Section 4: How Remote Install Image Server Finds the Agents for the discovery process.

- Setting up the storage for Remote Install has more options since different subnets are involved. Please refer to Section 7: Setting up Storage Shares for details.

- If the image server has more than one connection with the target system, then Remote Install might not work as expected, since the image server could pick either NIC to send out packets to the target system. Remote Install encourages users to have only one connection between the image server and a target system.

THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS PROVIDED AS IS, WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND.

Dell, OpenManage, and PowerEdge are trademarks of Dell Computer Corporation. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell disclaims proprietary interest in the marks and names of others.

©Copyright 2002 Dell Computer Corporation. All rights reserved. Reproduction in any manner whatsoever without the express written permission of Dell Computer Corporation is strictly forbidden. For more information, contact Dell.

Information in this document is subject to change without notice.
