Get started > Key concepts > Architecture

Architecture

This section is intended for those users who want a more in-depth understanding of SA architecture because they intend to customize the layout of their SA cores, create a Multimaster Mesh, require a remote database installation, and so on. You will learn about the SA Core and its Core Components and the relationship between the core, Server Agents, and Satellites.

SA Core

An SACore is a set of Core Components that work together to allow you to discover servers on your network, add those servers to a Managed Server Pool, and then provision, configure, patch, monitor, audit, and maintain those servers from an SA Client interface. The SA Client provides a single interface to all the information and management capabilities of SA.

The servers that the Core Components are installed on are called Core Servers. Core Components, even if distributed to multiple hosts are still considered part of a single SA Core.

Core Components can all be installed on a single host or distributed across several hosts, however, the typical SA installation uses Core Component bundling which installs certain components together on the same server for performance and maintainability purposes. SeeSA Core component bundling for more information about component bundling.

To communicate and perform certain server management activities, SA installs Server Agents on each Managed Server and communicates with the Managed Servers through Gateways that are part of the SA Core Components. Server Agents also perform certain actions on Managed Servers as directed by user input from the SA Client.

SA Server Agents

An SA Server Agent is intelligent software that is installed on all servers that you want SA to manage. After an agent is installed on an agentless server, the agent register the server with the SA Core which then adds that server to its pool of Managed Servers. The SA Agent also receives user initiated commands from the Core and takes the appropriate action on the server it is installed on, such as software installation and removal, software and hardware configuration, server status reporting, auditing, and so on.

You can install SA Agents on servers in the following ways:

You can use the SA Agent Deployment Tool (ADT) to discover the servers on your network that do not have SA Server Agents installed (agentless servers) and install agents on those servers. For more information about ADT, see the SA 10.51 Use section.

You can use SA Provisioning to provision an operating system to a bare-bones server — an SA Server Agent is installed with the operating system. See the SA 10.51 Administer section.

You can copy the SA Server Agent binary to the server and install it manually. See the SA 10.51 Use section.

During agent registration, SA assigns each server a unique ID (the Machine ID (MID)) and stores this ID in the Model Repository. Servers can also be uniquely identified by their MAC Address (the network interface card’s unique hexadecimal hardware identifier, which is used as the device's physical address on the network).

Core components

The Core components are the heart of the SA Core, making it possible to monitor and manage servers. When you retrieve vital information about network servers, provision servers, apply patches, take servers on and off line, configure and audit servers, and more, this interaction is controlled by the Core Components.

The following section describes the SA Core components and interfaces. For detailed information about how the SA Components work together to manage your servers, see the SA 10.51 Administer section.

Model Repository

The Model Repository requires either the SA-supplied Oracle database or an existing Oracle installation that meets SA database requirements. For more information about these requirements, see the SA 10.51 Install section.

The Model Repository is a standalone component and is not bundled with other Core Components. All SA components work from or update a data model maintained for all SA Managed Servers. The Model Repository stores the following information:

  • An inventory of all servers under SA management.
  • An inventory of the hardware associated with these servers, including memory, CPUs, storage capacity, and so on.
  • Information about managed server configuration.
  • An inventory of the operating systems, system software, and applications installed on managed servers.
  • An inventory of SA Provisioning operating system installation media (the media itself is stored in the SA Provisioning Media Server).
  • An inventory of software available for installation and the software policies that control how the software is configured and installed. The software installation media itself is stored in the Software Repository.
  • Authentication and security information.

SA Core component bundling

Certain SA Core Components are bundled together and must be installed as a unit during a typical installation. It is possible, if necessary, to break certain components (such as the Repository Store, SA Provisioning Media Server, among others) out of a bundle to install them on a different host by performing a Custom installation. However, more complex installations like distributed core components require the services of HPE Professional Services or HPE certified consultants and are not supported for customer installation.

The following table shows the SA component bundles and their constituent components. Note that the Slice Component bundle can have multiple installed instances which aids in workload balancing.

Component distribution

Model Repository

Infrastructure Components

SA Provisioning Components

Slice Components #1

Slice Components #x

One per core

One per core

Typically one per core

One per core

Multiple per core

Model Repository

Management Gateway

Primary Data Access Engine

Model Repository Multimaster Component

Software Repository Store (can be located on another host)

Media Server
(OS Sequence only)

Boot Server
(OS Sequence only)

Core Gateway/
Agent Gateway

Command Center

Global File System

Web Services Data Access Engine

Secondary Data Access Engine

Build Manager

Command Engine

Software Repository

HPE Live Network (HPELN)

DCML Exchange Tool (DET)

Software Repository Accelerator (tsunami)

Memcache

Core Gateway/Agent Gateway

Command Center

Global File System

Web Services Data Access Engine

Secondary Data Access Engine

Build Manager

Command Engine

Software Repository

HPE Live Network (HPELN)

DCML Exchange Tool (DET)

Software Repository Accelerator (tsunami)

Memcache

SA Core Component bundling provides the following benefits:

  • Added simplicity and robustness for multi-server deployments
  • Scaling capability: you can install additional Slice Component bundles for horizontal scaling
  • Improved high availability
  • Load balancing between slices when multiple instances installed

For more information about SA Core Component architecture and interaction, see the SA 10.51 Key Concepts Guide.

The Boot Agent is unrelated to Server Agents and operates as part of SA Provisioning.

Core Component bundles

Infrastructure Component bundle

  • Primary Data Access Engine

    The Data Access Engine provides an XML-RPC interface to the Model Repository that simplifies interaction with various clients, system data collection, and monitoring agents on servers. The Data Access Engine installed with the Infrastructure Component bundle is designated the Primary Data Access Engine. The Data Access Engine installed with the Slice Component bundle(s) is designated the Secondary Data Access Engine.

    Because interactions with the Model Repository go through the Data Access Engine, clients are less impacted by changes to the Model Repository’s schema. The Data Access Engine allows functionality to be added to SA without requiring system-wide changes.

  • Management Gateway

    Manages communication with other SA Cores and Satellites.

  • Model Repository Multimaster Component

    The Model Repository Multimaster Component is installed with the Infrastructure Component bundle. A Multimaster Mesh, by definition, has multiple core installations and the Model Repository Multimaster Component synchronizes the data in the Model Repositories for all cores in the Mesh, propagating changes made in one repository to the other repositories.

    Each Model Repository Multimaster Component consists of a Sender and a Receiver. The Sender (Outbound Model Repository Multimaster Component) polls the Model Repository and sends unpublished transactions to other Model Repositories. The Receiver (Inbound Model Repository Multimaster Component) accepts the transactions from other Model Repositories and applies them to the local Model Repository.

  • Software Repository Store

    The Software Repository Store component can be installed on any server hosting an Infrastructure Component bundle. As of SA 10.51, the Software Repository is part of the Slice Component bundle and the Software Repository Store component has been introduced to handle NFS exports to Slice Component bundle hosts.

    If you choose not to install the Software Repository Store, you must manually configure a NAS (filer) to allow Slice Component bundle servers access to the file system.

    Slice Component bundle

    • Command Engine

      Part of the Slice Component bundle. The Command Engine is a system for running distributed programs across many servers (typically through SA Server Agents). Command Engine scripts are written in Python and run on the Command Engine server. Command Engine scripts can issue commands to Server Agents. These calls are delivered in a secure manner and are auditable by using data stored in the Model Repository.

      Because you can have multiple Slice Component bundles, and therefore multiple Command Engines, horizontal scaling is greatly enhanced. Multiple Command Engine instances can share the load of command delivery and script execution by taking advantage of the load balancing mechanism provided by multiple Slice Component bundles. Failover and high availability are also improved. For example, when a Command Engine instance tries to delegate a command to another node in the cluster and that node is down, it fails over to the next node.

      SA can use Command Engine scripts to implement functionality.

    • Software Repository

      Part of the Slice Component bundle. This component is a repository in which the binaries/packages/source for software/application provisioning and remediation is uploaded and stored. A related component is the Software Repository Store which is installed with the Infrastructure Component bundle and handles NFS exports to Slice Component bundle hosts.

      SA supports mirroring of the Software Repository. You can control which Software Repositories in the mesh are designated as mirrors and control the frequency of mirroring jobs by modifying configuration parameters in the SA Client. Mirroring does not affect Satellite Software Repository caches.

      Software Repository mirroring can require large amounts of available disk space. During Standard and Advanced installation, you are given the opportunity to turn off mirroring which is on by default.

      For more information about configuring Software Repository mirroring, see the SA 10.51 Administer section.

      For information about how to upload software packages to the SA Library, see the SA 10.51 Administer section.

    • Core Gateway/Agent Gateway

      The Core Gateway communicates directly with Agent Gateways passing requests and responses to and from Core Components.

    • Command Center

      The Command Center (OCC) is the Core Component that underlies the SA Client. The OCC includes an HTTPS proxy server and an application server. You access the OCC only through the SA Client.

    • DCML Exchange Tool

      The DCML Exchange Tool is installed with each Slice Component bundle and facilitates the import and export of SA content. See the SA 10.51 Administer section.

    • Global File System

      The Global File System (OGFS) is installed with each Slice Component Bundle and provides the central execution environment for SA.

      The OGFS runs on one or more physical servers; customers can scale SA execution capacity by simply adding additional Slice Component bundles in a core.

      The OGFS runs SA built-in components — as well as customer-written programs — within a virtual file system that presents the SA data model, SA actions, and managed servers as virtual files and directories.

      This unique feature of SA allows users of the Global Shell and Automation Platform Extensions (APX) to query SA data and manage servers from any scripting or programming language. Since the OGFS filters all data, actions, and managed server access through the SA security model, programs running in the OGFS are secure by default.

    • Web Services Data Access Engine

      The Web Services Data Access Engine provides a public-object abstraction layer to the Model Repository and provides increased performance to other Core Components. This object abstraction can be accessed through a Simple Object Access Protocol (SOAP) API, through third-party integration components, or by a binary protocol of components such as the SA Client.

    • Secondary Data Access Engine

      The Data Access Engine provides an XML-RPC interface to the Model Repository that simplifies interaction with various clients, system data collection, and monitoring agents on servers. The Data Access Engine installed with the Infrastructure Component bundle is designated the Primary Data Access Engine. The Data Access Engine installed with the Slice Component bundle(s) is designated the Secondary Data Access Engine.

      Because interactions with the Model Repository go through the Data Access Engine, clients are less impacted by changes to the Model Repository’s schema. The Data Access Engine allows functionality to be added to SA without requiring system-wide changes.

    • Build Manager

      (OS Sequences only) Although the Build Manager is part of SA Provisioning, it is installed as part of the Slice Component bundle. The Build Manager facilitates communications between OS Build Agents and the Command Engine. It accepts SA Provisioning commands from the Command Engine. It provides a runtime environment for the platform-specific build scripts to perform SA Provisioning procedures.

    • HPE Live Network (HPELN)

      HPE Live Network delivers content updates for Server Automation (SA), Network Automation (NA), Client Automation (CA), Operations Orchestration (OO) and Service Automation Reporter (SAR). The HPE Live Network (HPELN) provides customers with security and compliance policies to help maximize your return on investment in SA, NA, and CA, and to leverage the extensible automation platforms to deliver new automation capabilities on an ongoing basis.

      HPELN is installed as part of the Slice Component bundle during SA Core installation.

    • Software Repository Accelerator (tsunami)

      An object store download accelerator that boosts remediation performance and scalability for any agents that communicate directly with a Linux-based SA Core.

      Performance and scalability are improved in two key areas:

      RPM Remediation Analysis – Fetching package headers during an RPM dependency analysis/preview is considerably faster than in previous SA releases.

      Remediation Package Staging – Unit downloads to managed hosts from the Software Repository is considerably faster than in previous SA releases and can use 10GbE networking.

    • memcache

      An in-memory caching layer that works with the Software Repository Accelerator (tsunami) component to support remediation and scalability enhancements for agents that communicate directly with a Linux-based SA Core.

      SA Provisioning Components bundle

      • Boot Server

        The Boot Server is part of Provisioning. It supports network booting of Sun and x86 systems with inetboot and PXE, respectively. The processes used to provide this support is the Internet Software Consortium DHCP server.

      • Media Server

        The Media Server is part of Provisioning. It is responsible for providing network access to the vendor-supplied media used during SA Provisioning. The processes used to provide this support include the Samba SMB server and Linux NFS. You copy and upload your valid operating system installation media to the Media Server.

      The OS Build Agent is part of SA Provisioning. It runs during the pre-provisioning (network boot) process and is responsible for registering a server with the SA Core through the Build Manager and guiding the OS installation process.

  • Core Gateway/Agent Gateway

    The Core Gateway communicates directly with Agent Gateways passing requests and responses to and from Core Components.

  • DCML Exchange Tool

    The DCML Exchange Tool is installed with each Slice Component bundle and facilitates the import and export of SA content. See the SA 10.51 Administer section.

  • Global File System

    The Global File System (OGFS) is installed with each Slice Component Bundle and provides the central execution environment for SA.

    The OGFS runs on one or more physical servers; customers can scale SA execution capacity by simply adding additional Slice Component bundles in a core.

    The OGFS runs SA built-in components — as well as customer-written programs — within a virtual file system that presents the SA data model, SA actions, and managed servers as virtual files and directories.

    This unique feature of SA allows users of the Global Shell and Automation Platform Extensions (APX) to query SA data and manage servers from any scripting or programming language. Since the OGFS filters all data, actions, and managed server access through the SA security model, programs running in the OGFS are secure by default.

  • Web Services Data Access Engine

    The Web Services Data Access Engine provides a public-object abstraction layer to the Model Repository and provides increased performance to other Core Components. This object abstraction can be accessed through a Simple Object Access Protocol (SOAP) API, through third-party integration components.

  • Secondary Data Access Engine

    The Data Access Engine provides an XML-RPC interface to the Model Repository that simplifies interaction with various clients, system data collection, and monitoring agents on servers. The Data Access Engine installed with the Infrastructure Component bundle is designated the Primary Data Access Engine. The Data Access Engine installed with the Slice Component bundle(s) is designated the Secondary Data Access Engine.

    Because interactions with the Model Repository go through the Data Access Engine, clients are less impacted by changes to the Model Repository’s schema. The Data Access Engine allows functionality to be added to SA without requiring system-wide changes.

  • Build Manager

    (OS Sequences only) Although the Build Manager is part of SA Provisioning, it is installed as part of the Slice Component bundle. The Build Manager facilitates communications between OS Build Agents and the Command Engine. It accepts SA Provisioning commands from the Command Engine. It provides a runtime environment for the platform-specific build scripts to perform SA Provisioning procedures.

  • HPE Live Network (HPELN)

    HPE Live Network delivers content updates for Server Automation (SA), Network Automation (NA), Client Automation (CA), Operations Orchestration (OO) and Service Automation Reporter (SAR). The HPE Live Network (HPELN) provides customers with security and compliance policies to help maximize your return on investment in SA, NA, and CA, and to leverage the extensible automation platforms to deliver new automation capabilities on an ongoing basis.

    HPELN is installed as part of the Slice Component bundle during SA Core installation.

  • Software Repository Accelerator (tsunami)

    An object store download accelerator that boosts remediation performance and scalability for any agents that communicate directly with a Linux-based SA Core.

    Performance and scalability are improved in two key areas:

    RPM Remediation Analysis – Fetching package headers during an RPM dependency analysis/preview is considerably faster than in previous SA releases.

    Remediation Package Staging – Unit downloads to managed hosts from the Software Repository is considerably faster than in previous SA releases and can use 10GbE networking.

  • memcache

    An in-memory caching layer that works with the Software Repository Accelerator (tsunami) component to support remediation and scalability enhancements for agents that communicate directly with a Linux-based SA Core.

SA Provisioning Components bundle

  • Boot Server

    The Boot Server is part of Provisioning. It supports network booting of Sun and x86 systems with inetboot and PXE, respectively. The processes used to provide this support is the Internet Software Consortium DHCP server.

  • Media Server

    The Media Server is part of Provisioning. It is responsible for providing network access to the vendor-supplied media used during SA Provisioning. The processes used to provide this support include the Samba SMB server and Linux NFS. You copy and upload your valid operating system installation media to the Media Server.

    The OS Build Agent is part of SA Provisioning. It runs during the pre-provisioning (network boot) process and is responsible for registering a server with the SA Core through the Build Manager and guiding the OS installation process.

Satellite installations

  • Software Repository Cache

    A Software Repository Cache contains local copies of the contents of a Core’s Software Repository (or of another Satellite). Having a local copy of the Software Repository can improve performance and decrease network traffic when you install or update software on a Satellite’s Managed Servers.

  • Satellite Agent Gateway

    The Satellite Agent Gateway handles communications between the Satellite and the Core through the Core’s Management Gateway.