This article provides information on how to manage or patch Neverfail Continuity Engine clusters through IBM BigFix (also known as IBM EndPoint Manager, Tivoli Endpoint Manager), using Cozen Passive Node Management feature.
An IBM BigFix server should be installed and configured.
Enable Passive Node Management through Cozen Identity
Neverfail Continuity Engine servers should be able to access IBM BigFix in order to be managed remotely from there.
- On the active server this can be achieved through the Public IP address or through a Management IP Address.
- On the passive server, this can be achieved only through a Cozen Management Name and IP Address.
Thus, a Cozen Management Name and IP Address with access to IBM BigFix must be configured on each node, in order to be able to connect to IBM BigFix when both in active or passive role. The DNS name resolution option needs to be configured for the management IP address from Server Configuration Wizard.
Neverfail Continuity Engine passive server nodes can be managed through IBM BigFix only after performing one of the following configurations: from the IBM BigFix server side (1) OR from the managed node side (2).
1. Configuring IBM BigFix server
Configure IBM BigFix server with IP Address
During the IBM BigFix Server installation, a DNS name will be requested, which will be recorded for license and it will be used by Clients for identifying the server. Neverfail recommends (if possible) to configure the IP address for identifying the IBM BigFix during installation - this way the BigFix client subsequently installed on the Neverfail Engine passive nodes will be able to connect successfully to the BigFix server, without any other additional settings.
2. On the Neverfail Engine cluster servers
Configure Neverfail Engine passive nodes to access IBM BigFix server
If during its installation the IBM BigFix server was configured with DNS Name then the Neverfail Engine nodes must be tweaked so that the IBM BigFix client installed on them may access the BigFix server, when the node is in passive node. A way of achieving this is by adding the IBM BigFix IP Address - DNS name mapping in the C:\Windows\System32\drivers\etc\hosts file, as follows:
Managing a Neverfail Engine Cluster
Deploy IBM BigFix client on Neverfail Continuity Engine Cluster
To deploy the IBM BigFix client from IBM BigFix Console: Go to Wizards> All Wizards> Client Deploy Tool Wizard> Add Targets
The Target IP addresses must include the Cozen Management IP addresses of the Engine cluster servers.
After the installation, the Engine cluster managed nodes are visible in the IBM BigFix Console in Computers tab: notice the same computer name ("AG-BIGFIXCLIENT") for both nodes - this value corresponds to BigFix client computer name inspector and it's expected to be so in a Cozen Identity enabled server.
In order to tweak the IBM BigFix Console for displaying the Cozen/DNS name, right-click on the Computers table header and add the DNS Name column:
The result is:
Manage Neverfail Continuity Engine Cluster
All the Engine Cluster nodes registered in IBM BigFix server can be managed or patched no matter if they're active or passive.
Performing a Neverfail Engine switchover
Here's an example of expected behavior when Neverfail Engine clusters changes the active server (switchover):
Cozen Identity configuration:
Physical Hardware Identity
Assets before switchover displayed in IBM BigFix Console:
Assets after switchover displayed in IBM BigFix Console:
IBM BigFix 9.5.11
Neverfail Continuity Engine 8.5 and later