If server rollout is a headache, your cure might come in the form of automatic image deployment
Most enterprises have dozens, if not hundreds, of servers in their networks. Deploying new servers or updating existing ones with patches and software upgrades can be a never-ending chore.
Microsoft recently released a much-needed server provisioning tool, ADS (Automated Deployment Services), which automatically installs server software on new servers. I decided to check out the new tool -- which comes with Windows Server 2003 Enterprise Edition and can be downloaded for the Standard Edition -- and compare it with auto-deploy offerings from Altiris and Novell.
The three products use a similar architecture: a control server, one or more reference systems to create images, and target servers that receive the images. Both ADS and Altiris’ SPS (Server Provisioning Suite) use SQL Server to store information on individual servers as well as the large image of the software itself. ZENworks uses Novell’s eDirectory.
If the functionality of ADS meets your needs, it’s a nice product -- simple, easy to install and use. It has some features that the other products can’t match, such as the ability to install Windows Server 2000 or 2003 on any appropriate hardware with no scripting. It can also use Microsoft SQL Server Desktop Engine and the full Microsoft SQL Server 2000 to store data in the image of the operating systems to be deployed. On the downside, it can only deploy Windows Server 2000 or 2003 editions.
SPS and ZENworks 6 are more complex to set up, and deployment of server software images is a little more complex. However, the products can deploy and manage many more server OSes. In addition, both SPS and ZENworks can manage servers remotely; manage, roll out, and check patches for OSes and applications; collect, manage, and update inventory data; and check server health.
My total deployment time for ADS, including ADS server and SQL desktop engine installation, was less than an hour, which speaks to this product’s simplicity.
The beautiful thing about ADS is that an image of the OS can be created on one system and deployed to many similar types of hardware, without the need for scripts to manage different video, Ethernet, or other drivers. But there are some limitations: The systems must all be either uni- or multiprocessor and have the same HAL (Hardware Abstraction Layer), the lowest-level driver used by Windows.
ADS employs MMC (Microsoft Management Console), installed via a console snap-in, to control deployment. The SQL desktop engine is less scalable than the full SQL server, but much easier to install and configure. ADS is not intended to compete with SMS (System Management Server) in the areas of patch management, system monitoring, remote control, and so forth. It only deploys images. If you need to add to what ADS installs, you either do it manually or generate a new image (new images are quick and easy to make).
The ADS server also acts as a PXE (Preboot Execution Environment) and DHCP server and can take control of PXE-enabled systems before they try to boot from the local disk. It then boots the server, partitions drives, and installs the OS without requiring the administrator to physically access the system.
Given its platform limitations, ADS is not a solution for heterogeneous networks, but it does what it does very well -- and it’s free.
SPS offers a comprehensive array of applications including deployment, application delivery, application management (licensing and health monitoring), patch management, network traffic monitoring, and backups and recovery via images. It uses Microsoft SQL 7 or SQL Server 2000 for storing configuration information, images, and other data and supports a separate SQL server for extra scalability.
After installing the central Notification Server, it’s time to tackle the individual suite products. SPS installation is not integrated -- each application is separate, with separate documentation and installation, so the process takes longer. Once the apps are installed, everything can be accessed and controlled through one browser interface.
The deployment server supports Intel’s Wired for Management application and PXE for loading an OS from a remote boot. It also supports Altiris’ BootWorks, a single DOS-based boot floppy that connects to the Notification Server to complete OS installation on a system without a PXE adapter.
Creating and deploying OS images is relatively simple and easily managed. In addition to images of a complete OS, you can also create installation images of applications, patches, or service packs, and deploy them automatically, on demand, or manually. Images are easy to capture and deploy, and SPS can migrate user settings (registry entries, configuration files, and so forth) as well, simplifying the process of moving a user from one system to another.
SPS can also integrate with Microsoft SMS to provide a full-featured server and application management and deployment environment. The next version, due in February 2004, will support multiple Notification Servers and integrate with Microsoft’s ADS. This combines SPS’s non-Windows server management and deployment features with ADS’ easy deployment to different hardware types.
$300 per node is already inexpensive, but the full-featured SPS suite should save organizations far more than that in administrators’ time over the course of a year. Unless your organization has been running the same OS version and patch level on all its servers for the last several years, this is a product you should consider.
The ZENworks 6 suite includes ZENworks for Servers 3.02, ZENworks
for Desktops 4, and ZENworks for Handhelds. The first two are necessary for a complete deployment solution -- ZENworks for Servers doesn’t do OS deployment, leaving it to ZENworks for Desktops.
ZENworks no longer requires that NetWare be installed in the network, but it does require Novell’s eDirectory, which runs on NetWare, Windows NT, or Windows 2000. It also requires the Apache Web server, Tomcat app server, Java Virtual Machine, and Novell ConsoleOne software. There is no integrated installation for these pieces, so, as with SPS, you must take the time to address each one separately.
Once all this support software is installed, ZENworks delivers an extremely powerful directory-based deployment and management solution. It can deploy OSes, patches, or apps based on a server’s role and alter any aspect of the system if that role changes. ZENworks provides a single interface to manage Windows NT Server and Windows Server 2000 and Linux and Solaris servers as well as monitor network and server loads and health and control servers remotely.
As with SPS, ZENworks has a wealth of features extending beyond OS deployment. The role-based management extends down to the user or workstation level; since most systems administrators must manage both servers and users, being able to do both from a single console is a boon.
Network managers unfamiliar with NetWare may be initially reluctant to consider ZENworks 6, but the functionality is powerful and eDirectory is not difficult to install. The other installation and management requirements are no more difficult than those of the Altiris solution, and eDirectory delivers a level of granular control and a host of automation possibilities that SPS cannot yet match.
There’s a direct relationship between the dedicated nature of the deployment software and its complexity. When a product strives to be heterogeneous and comprehensive, it becomes more difficult to deploy and to use, hence the understandable complexity of SPS and ZENworks.
ADS has the most limited server OS deployment of these three options, but it’s also free and simple to set up and use. SPS and ZENworks 6 are relatively complex to install and expensive compared to ADS, but provide more features and support for more OSes. This begs the question: If both SPS and ZENworks offer more features, why use ADS? One simple answer -- it’s free.
This weekend's Windows 10 upgrade has users angry, and it's unclear if the ploy will continue
Speaking at the O'Reilly Fluent conference, Eich also endorsed the Service Workers mobile app...
You don't need a tinfoil hat, either. Opportunists have exploited consumer fears to create an industry...
You're far more vulnerable to hackers than you think. Here are the secrets to staying secure
There's a lot of loose talk about our AI-driven future. But expect to keep using your own brain for a...
It's tempting to understand data encryption in terms of locks and other physical metaphors, but the...
Your cloud projects will not give you the return you expected if you don't treat security, targeting,...