DSM r11 Architecture - Network Challenges

(formerly DSM - Unicenter Desktop & Server Management)
IT Client Manager
Network Challenges
- Latest Revision 11/28/2005
Network Challenges
2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.
Network Challenges
Overcoming network topology issues has been simplified with DSM r11.
2U
Domain Manager MDB
2U
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
Remote Site
Local LAN
DMZ
Communication Types
Basically, there are only two types of communication
DB DB
MDB
DB
Domain Manager
IC
Engine
DB IC
IC
IC
Scalability Server
IC
DSM Explorer
Reporter
Component to DB
Component to database via the default or configured database port
Database Communication Ingres (Ingres/Net 19016 & 19017, JDBC 19023) Microsoft SQL Server (Default 1433)
MDB
DB
DB
Domain Manager
DB
Engine
DB
Scalability Server
DSM Explorer
Reporter
Component to Component
and component to component via default or configured CAM and multiplexer ports.
MDB
Domain Manager
IC
Inter-Component Communications
IC IC
Engine
IC
Scalability Server
IC
CAM (UDP 4104, TCP 4105) DSM Multiplexer(4728)
DSM Explorer
Reporter
Domain Management Component Overview

MDB
DB DB
Domain Manager
IC
Database Communication Ingres (Ingres/Net DB 19016 & 19017, JDBC 19023) Microsoft SQL Server (Default 1433)
DB
Inter-Component Communications
IC IC
Engine
IC
Scalability Server
CAM (UDP 4104, TCP 4105) DSM Multiplexer(4728) IC
DSM Explorer
Reporter
Ports shown are for default installation of database and components. Always refer to Ports Used by Unicenter DSM in the DSM Implementation Guide for more detailed, most accurate information.
Required Ports
Opening required ports (a.k.a. connectivity ) is only half the battle, however.
2U
Domain Manager
2U
MDB
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
Remote Site
Local LAN
DMZ
Firewall and NAT

Firewalls not only block port communication but also conceal the identity of the resources they protect using Network Address 2U Translation (NAT).
Domain Manager MDB
2U
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
Remote Site
Local LAN
DMZ
Keep Target System Visible

Not only must access rules allow connectivity to the target system but the target system must be 2 visible from the system initiating U the communication.
2U
Domain Manager MDB
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
Remote Site
Local LAN
DMZ
10
Visibility Example
Visible does not necessarily mean the IP address for the target can be resolved and reached by the source system directly.
2 U
Domain Manager
2 U
System Engine
Engine
1 U
Scalability Server
1 U
Scalability Server
1 U
11
Visibility Example
Domain Manager may not be able to resolve or reach the IP address of the Scalability Server directly. But, if Domain Manager knows to transmit data to the edge device public IP (the firewall) at the remote site (likely through a DNS entry)
1 U
Scalability Server
2 U
Domain Manager
2 U
System Engine
Engine
1 U
Scalability Server
1 U
12
Visibility Example
and the edge device is configured to route certain traffic (e.g., CAM) to the private address of the Scalability Server
2 U
Domain Manager
2 U
System Engine
Engine
1 U
Scalability Server
1 U
Scalability Server
1 U
13
Visibility Example
and CAM on the Scalability understands the traffic is destined for it, required communications can flow.
2 U
Domain Manager
2 U
System Engine
Engine
1 U
Scalability Server
1 U
Scalability Server
1 U
14
Common Visibility Issues

Attempt to resolve visibility issues before becoming concerned with establishing connectivity (opening ports). -Common Issues: - Target identifiers not unique - Target identifiers cannot be resolved 2U - Target identifiers change without notice
Domain Manager MDB
2U
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
15
VPN Visibility Issues

VPN is common proposed as a solution for overcoming connectivity and visibility issues. VPN can be used to address connectivity issues by virtually eliminating the firewall from the equation. However, dependent on the type of VPN deployed and configuration, it may introduce a visibility issue.
2U
Domain Manager
2U
MDB
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
16
CAM Configuration and Troubleshooting

DSM communication in r11 is highly dependent upon CAM. It highly likely in complex network environments that the out of the box configuration will need to be modified.
2 U
Domain Manager
2 U
System Engine
Engine
1 U
Scalability Server
1 U
Scalability Server
1 U
17
CAM Configuration and Troubleshooting

Local copy of the latest version of the CAM Admin Guide has been provided and is also available online at http://devnews/CAM/main. htm?current=documentatio n.
2 U
Domain Manager
2 U
System Engine
Engine
1 U
Scalability Server
1 U
Scalability Server
1 U
18
Limited Number of Challenges

Given the interaction of DSM components and basic architectural design principles the number of challenges is fairly limited.
2U
Domain Manager
2U
MDB
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
19
Domain Level Challenges

Since Engines should be electronically close to the MDB, the principle challenge at the Domain level will be Domain Manager communication to/from the Scalability Server.
2U
Domain Manager
2U
MDB
System Engine
Engine
1U
Scalability Server
1U
Scalability Server
1U
Scalability Server
20
Resolution: Scalability Server

Since Domain Manager communication to/from the Scalability Server requires only CAM and multiplexer connectivity, it is a matter of... - Ensuring the Scalability Server host is visible from the Domain Manager and vice versa. - Connectivity is possible by ensuring communications via the default/configured CAM and multiplexer ports and protocol is not blocked.
Domain Manager
CAM & Multiplexer
Scalability Server
21
Resolution: DSM Explorer

At the Domain level, the DSM Explorer must communicate with the Domain Manager via CAM and the multiplexer port. Since it is conceivable that not all instances will be installed on the same LAN... - Ensure the Domain Manager host is visible. - Ensure Connectivity is possible via the default or configured and multiplexer CAM ports and that protocol is not blocked.
DSM Explorer Domain Manager
CAM & Multiplexer
22
Resolution: Reporter
At the Domain level the Reporter must communicate with the Domain Manager via CAM and with the MDB via the database port. It is possible that not all instances will be installed on the same LAN... - Ensure the Domain Manager host is visible. - Ensure the MDB host is visible. - Ensure Connectivity is possible via the default/configured CAM port(s) and protocol is not blocked. - Ensure connectivity is possible via the
MDB
Domain Manager
DB
CAM
Reporter
23
Enterprise Architecture Challenge

In an Enterprise architecture, the Enterprise Manager must be able to communicate with Domain Managers to link Domains and assign the replication task to a Domain Engine. - Ensure the Domain Manager host is visible. - Ensure Connectivity is possible via the default/configured CAM and multiplexer ports and protocol is not blocked to the Enterprise Manager.
Enterprise Manager
CAM & Multiplexer
Domain Manager
24
Domain Engine
In an Enterprise architecture, the Domain Engine assigned the replication task must be able to initiate communications with the Enterprise Manager via CAM to obtain connection information for the Enterprise MDB. - Ensure the Enterprise Manager host is visible. - Ensure the default/configured CAM port(s) are not blocked to the Enterprise host.
Enterprise Manager
CAM
Engine
25
Domain Engine to Enterprise MDB

Also in an Enterprise architecture, the Domain Engine assigned the replication task must be able to access with the Enterprise MDB. - Ensure the Enterprise MDB host is visible. - Ensure connectivity via the default/configured database port can be established to the Enterprise MDB
MDB
DB
Engine
26
DSM Explorer to Enterprise Manager

At the Enterprise level, the DSM Explorer must communicate with the Enterprise Manager and each linked Domain Manager via CAM. Since it is conceivable that not all instances will be installed on the same LAN...
Domain Manager
- Ensure the Enterprise Manager host and linked Domain Manager hosts are visible.
- Ensure Connectivity is possible via the default/configured CAM port(s) and protocol is not blocked.
DSM Explorer
CAM & Multiplexer
27
Reporter to Domain Manager

Reporter at the Enterprise level must communicate with the linked Domain Managers via CAM.
- Ensure the linked Domain Manager hosts are visible.

- Ensure connectivity is possible via the default/configured CAM port(s) and protocol is not blocked to the linked Domain Managers.
Domain Manager
CAM
Reporter
28
Reporter to Domain MDB

Reporter at the Enterprise level must be able to access linked Domain MDBs via the database port.
- Ensure the Domain MDB host is visible.

- Ensure connectivity is possible via the default/configured database port to the Enterprise MDB.
MDB
Reporter
29
Questions?

DSM r11 Architecture - Network Challenges

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

DSM r11 Architecture - Network Challenges

Diunggah oleh

Hak Cipta:

Format Tersedia

(formerly DSM - Unicenter Desktop & Server Management)

CAM (UDP 4104, TCP 4105) DSM Multiplexer(4728)

Domain Management Component Overview

CAM (UDP 4104, TCP 4105) DSM Multiplexer(4728) IC

Firewall and NAT

Keep Target System Visible

Common Visibility Issues

VPN Visibility Issues

CAM Configuration and Troubleshooting

CAM Configuration and Troubleshooting

Limited Number of Challenges

Domain Level Challenges

Resolution: Scalability Server

CAM & Multiplexer

Resolution: DSM Explorer

CAM & Multiplexer

Enterprise Architecture Challenge

Domain Engine to Enterprise MDB

DSM Explorer to Enterprise Manager

CAM & Multiplexer

Reporter to Domain Manager

- Ensure the linked Domain Manager hosts are visible.

Reporter to Domain MDB

- Ensure the Domain MDB host is visible.

Anda mungkin juga menyukai