4 Satellite Administration

This section describes basic SA Satellite topologies and concepts and the following
administrative tasks:

Viewing Satellite Facilities

Enabling the Display of Realm Information

Viewing the Realm of a Satellite Managed Server

Viewing and Managing Satellite Gateway Information

Satellite Software Repository Cache Management

Updating Software in the Satellite Software Repository Cache

Satellite Software Repository Cache Management

Overview of the SA Satellite

A Satellite installation can be a solution for remote sites that do not have a large enough
number of potentially Managed Servers to justify a full SA Core installation. A Satellite
installation allows you to install only the minimum necessary Core Components on the
Satellite host which then accesses the Primary (First) Cores database and other services
through an SA Gateway connection.
A Satellite installation can also relieve bandwidth problems for remote sites that may be
connected to a primary Facility through a limited network connection. You can cap a
Satellites use of network bandwidth to a specified bit rate limit. This allows you to insure
that Satellite network traffic will not interfere with your other critical systems network
bandwidth requirements on the same pipe.
A Satellite installation typically consists of a Satellite Gateway and a Software Repository
Cache and allows you to fully manage servers at a remote Facility. The Software Repository
Cache contains local copies of software packages to be installed on Managed Servers from the
Satellite while the Satellite Gateway handles communication with the Primary (First) Core.
You can optionally install the OS Provisioning Boot Server and Media Server on the Satellite
host to support Satellite OS Provisioning.
Installing other SA Core Components on the Satellite host is not supported.
For information about how to install and configure a Satellite, see the SA Simple/Advanced
Installation Guide.
Satellites can be installed using various topologies. For detailed information about Satellite
topologies, see the SA Simple/Advanced Installation Guide.
Figure 42, shows a Satellite linked to a single SA Core communicating through the First
Cores Management Gateway.

145

Figure 43, shows two Satellites linked to an SA Core each communication directly with the
First Cores Management Gateway. Communication between the Satellites, when required,
travels from one Satellite to the First Core Management Gateway, then to the other Satellite.
Figure 42 Single SA Core with a Single Satellite

146

Chapter 4

Figure 43 Single SA Core with Multiple Satellites

Management Gateway
Satellite communication with an SA First Core is achieved, either directly or through a
network of Gateways, through a Management Gateway that resides on the First Core and in
the same IP address space as the servers that the First Core manages. The Management
Gateway communicates with the First Core through the Core Gateway.

Facilities and Realms

A Facility encompasses the Managed Servers that reside in a single physical location. A
Facility can be all or part of a data center, server room, or computer lab.
To deal with the potential problem of Facilities in the same SA Core with overlapping IP
address spaces, SA uses the concept of Realms. An SA Realm is a routable IP address space,
which is serviced by one or more Gateways. A Facility can contain multiple Realms. Each IP
address space requires a separate Realm. Typically, each physical building is modeled as a
Facility that has as many Realms as needed.

Satellite Administration

147

The Realm allows each Managed Server in a Facility to be identified by its Realm and IP
address combination. Since separate Facilities can contain duplicate IP addresses, this Realm/
IP address combination allows SA to differentiate between Managed Servers in different
Facilities but with the same IP address and route traffic accordingly.
For more information about Facilities and Realms, see the SA Simple/Advanced Installation
Guide.

Satellite Information and Access

This section discusses the following topics:

Permissions Required for Managing Satellites

Viewing Satellite Facilities

Enabling the Display of Realm Information

Viewing the Realm of a Satellite Managed Server

Viewing and Managing Satellite Gateway Information

Permissions Required for Managing Satellites

To access the Manage Gateway feature, you must have the Manage Gateway permission. By
default, this permission is included in the SA System Administrators group. To view Facility
information, you must have Read (or Read & Write) permission for the specific Facility. For
more information about user groups and SA permissions, see Chapter 1, User and User Group
Setup and Security, on page 13 of this guide.

Viewing Satellite Facilities

The Facilities page in the SA Web Client lists the Core and Satellite facilities. In particular,
the Facilities page displays Unreachable Facilities, as shown in Figure 44.

148

Chapter 4

Figure 44 Facilities Channel

Clicking the link for a Facility, and then selecting the Realms tab displays the configured
bandwidth of the connections between the Realms in that Facility, as shown in Figure 45.
Figure 45 Realms and Connection Bandwidth in Facilities

Additionally, you can view the Facilities that contain Realms by clicking Administration
System Configuration as shown in Figure 46.

Satellite Administration

149

Figure 46 Satellite Configuration

Enabling the Display of Realm Information

By default, the SA Web Client does not display Realm information, which is needed by users
who manage Gateways and Software Repository Caches.
To enable access to the Realm information, perform the following tasks:

150

Log on to the SA Web Client as a user who is a member of the SA Administrators group
and to a group that has the Configure Opsware permission.

From the Navigation panel, click Administration System Configuration.

Select the SA System Web Client link.

On the System Configuration page, for the parameter owm.features.Realms.allow,

set the value to true.

Click Save.

Chapter 4

Viewing the Realm of a Satellite Managed Server

When installed in a Satellite configuration, SA can manage servers with overlapping IP
addresses. This situation can occur when servers are behind NAT devices or firewalls. Servers
with overlapping IP addresses must reside in different Realms.
When retrieving a list of servers resulting from a search, you might see multiple servers with
the same IP address but in different Realms. You might also see multiple servers with the
same IP address when you are planning to run a custom extension and you are prompted to
select the servers on which to run the extension.
The SA Web Client displays additional information that identifies the server corresponding to
the IP address, as shown in Figure 47.
Figure 47 Server Properties Page Showing the Realm of a Managed Server

Viewing and Managing Satellite Gateway Information

To access Satellite Gateway information, in the SA Web Client Navigation panel, click
Administration Gateway. The Manage Gateway page appears, as shown in Figure 48.
From the list of Gateways on the left, select the Gateway you want to view information for,
and then click the Page Selection link for the page you want to view.

Satellite Administration

151

Figure 48 Status Page of the Manage Gateway Feature

Page Selection

Gateway
Selection

Use the Manage Gateway page for the following tasks:

Obtain debugging and status information about Gateways and the tunnels between
Gateways.

Perform specific tasks on Gateways, such as changing the bandwidth limits or tunnel cost
between Gateway instances, restarting Gateway processes, or changing the logging levels
for Gateway processes.

Viewing Diagnostic and Debugging Information

1

From the SA Web Client Navigation panel, click Administration Gateway. The
Manage Gateway page appears.

From the list of Gateways on the left, select the Gateway that you want to view
information for. The Status page for that Gateway appears.
The Status page displays the following information for the Gateway:

A table of Active Tunnels. This table includes:

Tunnel Cost
Bandwidth Constraints
Bandwidth Estimates
Age of the tunnels

Information about the internal message queues. Each column in the table for a queue
displays data in this format:
Number of messages in the queue

152

Chapter 4

 The message high-water mark for the queue

Maximum value configured for the queue
The last time the message high-water mark was attained for the queue
You can use the timestamp indicating when the message high-water mark was
last reached to troubleshoot Gateway issues. The timestamp is displayed in the
format DD:HH:mm:ss.
3

To view the details and statistics for a tunnel between Gateways, click the link for the
Gateway that terminates the tunnel, as Figure 49 shows.

Figure 49 Manage Gateway Status Page

The page refreshes and displays the tunnel details and statistics.
4

To view the following pages containing diagnostic information, click the link for the page
in the menu bar.

Flows page: Displays information about all open connections for the selected
Gateway.

Routing page: Displays the inter-Gateway routing table. This table shows which
tunnel will be used to reach another Gateway in the mesh. The routing table is
computed from the data in the path database. The routing computation automatically
updates when the link cost for a connection is changed.

When a tunnel collapses, by default, routing information is retained in the routing table for
two minutes to provide continuity for the mesh.

Path database (PathDB) page: Displays the route with the lowest cost to all
reachable Gateways in the mesh. SA determines the lowest cost route to all reachable
Gateways from the data in the Link State database.

Link State database (LSDB) page: Contains information about the state of all
tunnels from the perspective of each Gateway instance. The LSDB contains the data
for all tunnels and the bandwidth constraint for each tunnel.

Configuration (Config) page: Displays the Gateway Properties file for the Gateway
you have selected. This page includes the path to the properties file on the server
running the Gateway component.
Below the properties values, the page contains crypto file information and the mesh
properties database.

Satellite Administration

153

Above the properties values, the Properties Cache field appears. When you change
the bandwidth or link cost for a connection between Gateways, the updated value
appears in this field if the update was successful.

History: Displays historical information about the inbound (ingress) and outbound
(egress) connections between hosts using the Gateway mesh. For example, when host
A in Realm A connected to host B in Realm B.

Identifying the Source IP Address and Realm for a Connection

The Ident page provides an interface to the real-time connection identification database. If
necessary, contact HP Server Automation Support for additional information about how to
run this tool.
1

From the SA Web Client Navigation panel, click Administration Gateway. The
Manage Gateway page appears.

From the Page Selector, click Ident. The page refreshes with an interface to the real-time
connection identification database.

In the text field, enter the protocol and source port for an active connection (for example,
TCP:25679).

Click Lookup.
The page refreshes with the client Realm and client IP address where the connection
came from.

Changing the Bandwidth Usage or Link Cost Between Gateways

You must apply any bandwidth changes between gateways on Core Gateways only. Changes
made on other gateways will not take effect.
1

From the SA Web Client Navigation panel, click Administration Gateway. The
Manage Gateway page appears.

To specify a bandwidth limit for a connection:

154

From the Page Selector, click Bandwidth. The page refreshes with fields in which you
can specify the bandwidth for the connection between Gateway instances.

Specify two Gateway instance names that are connected by a tunnel.

Specify the bandwidth limit you want in kilobits per second (Kbps). Specify zero (0) to
remove bandwidth constraints for the connection.

Click Apply.

To set a link cost for a connection:

a

From the Page Selector, click Link Cost. The page refreshes with fields in which you
can specify the link cost for the connection between Gateway instances.

Specify two Gateway instance names that are connected by a tunnel.

Specify the cost you want in the Cost field.

Click Apply.

Chapter 4

Viewing the Gateway Log or Change the Log Level

Changing the logging level to LOG_DEBUG or LOG_TRACE greatly increases the log output of the
Gateway and can negatively impact the performance of the Gateway.
1

From the SA Web Client Navigation panel, click Administration Gateway. The
Manage Gateway page appears.

From the Page Selector, click Logging. The page refreshes with a tail of the Gateway log
file.

To change the logging level, select an option: LOG_INFO, LOG_DEBUG, or LOG_TRACE.

Click Submit.

Restarting or Stopping a Gateway Process

1

From the SA Web Client Navigation panel, click Administration Gateway. The
Manage Gateway page appears.

From the Page Selector, click Process Control. The page refreshes.

To restart the Gateway process, click Restart.

To stop the Gateway watchdog and the Gateway, click Shutdown.

Stopping a Gateway process can cause problems for an SA core. For example, if you stop a core
Gateway process, you will stop all multimaster traffic to that SA core. Additionally, the
Manage Gateway UI is unavailable after stopping the process.

To restart the Gateway after stopping it from the Manage Gateway page, you must log onto
the server running the Gateway component and manually restart the process.

Satellite Software Repository Cache Management

The largest amount of network traffic in an SA Core occurs between:

The Software Repository and the Server Agent on a Managed Server during application
software or OS patch installations.

A server being OS Provisioned and the OS Provisioning Media Server that provides the
OS media for the provisioning.

When a Satellite is connected by a low-bandwidth network link, performance will be poor

during these processes. You can minimize network traffic by creating a copy of the cores
Software Repository contents in the Satellites Software Repository Cache or installing a local
Satellite OS Provisioning Media Server/Boot Server.
Since the Software Repository Cache stores copies of the files in the SA Cores Software
Repository (or from another Satellites Software Repository Cache), SA can supply software
requests locally without having the requests pass across the network between the Satellite
and the SA Core. Similarly, the OS Provisioning Media Server can supply OS images locally.
SA Satellites also support multiple Software Repository Caches per Realm.

Satellite Administration

1l7

The following sections discuss configuring and updating your local Software Repository Cache
and, optionally, your OS Provisioning Media and Boot servers.

Availability of Satellite Software Repository Cache Content

Software Repository content is not automatically replicated to the Satellite Software
Repository cache, therefore, not all content is available locally for Satellites in a mesh. You
must manually update the Satellites Software Repository Cache with the software you want
to install locally. On-demand updates are available only when the caching policy for the Realm
of the Software Repository Cache is on-demand.
SA can only warn you that the requested software is not available locally and that you must
update content from the First Core Software Repository or another Satellite Software
Repository Cache. SA keeps track of whether a package is available locally.
Instead, when SA is attempting to remediate requested software that is not available locally
onto a managed server, the SA Web Client generates an error and displays a complete list of
missing packages to help you identify the packages that need to be copied to the cache. After
you have copied the software to the cache, it will continue to be available locally for future
installations
The SA Web Client does not provide a User Interface to push packages to Satellites. However,
you can push packages to a Satellite by using the command-line tool stage_pkg_in_realm.
This tool is found on the First Cores Model Repository host in
/opt/opsware/mm_wordbot/util/stage_pkg_in_realm.
If you use the checkonly=1 argument in the URL request for the file, the utility requests a
file but the Software Repository will not send the file. If the file is not already cached, the
Software Repository Cache will obtain it from the parent Software Repository Cache if the
caching policy allows it.

Updating Software in the Satellite Software Repository Cache

To update files in a Satellites Software Repository Cache, you can configure the cache to
update cached copies of files as requests are received (On-demand Updates) or to update the
cached copy of a file manually (Manual Updates):

On-demand Update: The local Software Repository Cache obtains current files as
needed from the Software Repository in the SA core.

Manual Update: SA stages the software packages to a Satellite's Software Repository

Cache in advance of package installation so that performance is about the same as if the
Managed Server is in the same data center as the core.

When On-demand update is enabled, if the requested software is already present in the local
Software Repository Cache and is current, no action is taken. If the software is not present
locally or it is not current, the Software Repository Cache attempts to download the file in the
background from the closest upstream Software Repository Cache or from the Cores Software
Repository.
If the caching policy is Manual Update and you request an on-demand software update, the
Software Repository Cache will raise a wordbot.unableToCacheFile exception.

156

Chapter 4

It is always possible to stage a file on a Software Repository Cache regardless of the caching
policy. See Staging Files to a Software Repository Cache on page 162 in this chapter for more
information.
The flowchart in Figure 50 illustrates the logic that the Software Repository Cache uses to
update packages in a Satellite.
Figure 50 Software Repository Cache Update Logic

Setting the Software Repository Cache Update Policy

You can specify the Software Repository Cache update policy for each Facility by performing
the following tasks:
1

From the SA Web Client Navigation panel, click Administration System

Configuration. The Select a Product page appears.

Click the link of the Realm for which you want to set the Software Repository Cache
update policy. The configuration values for that Facility appear.

For the parameter word.caching_policy, set the caching policy value by selecting the
Use default value option or the Use value option and enter JIT (On-Demand Update) or
SNEAKERNET (Manual Update), See Figure 51.

Satellite Administration

157

Figure 51 Software Repository Cache Configuration Parameters

Click Save to apply your configuration change. Since, by default, the Software Repository
Cache polls for configuration changes every five minutes, it make take up to five minutes
for your change to take affect.

On-demand Updates
Enabling On-Demand Updates allows software to be downloaded to the Satellite Software
Repository Cache when it is not yet locally available as soon as that software is requested. If
you have a low-bandwidth network connection, Manual Updates may be a better solution as it
allows you to pre-download the most commonly requested software into the Software
Repository Cache. See Manual Updates on page 159.
Each time a Server Agent on a managed server in a Satellite requests software, the local
Software Repository Cache checks whether its cached copy of the software is current. If the
cached file is not current or is missing, the Software Repository Cache obtains an updated or
new local copy of the file from the nearest upstream Software Repository Cache or from the
Cores Software Repository and sends it to the requesting Server Agent.
When configured for On-demand Updates, when the Software Repository Cache receives a
request for software, it first requests the checksum of the software against the checksum of
the Cores Software Repository to insure that it has the latest copy.
For security purposes, SA caches software checksums for a user-configurable period of time.
If the checksum is the same as the locally-stored file, the Software Repository Cache serves
the software to the requester. If the checksum does not match or the local file is not present,
the Software Repository Cache requests an updated copy of the software from the nearest
upstream Software Repository Cache or the Cores Software Repository.
If network connectivity is lost while the Software Repository Cache is downloading software,
the next time a Server Agent requests the same software, the Software Repository Cache will
resume the file download from the point at which it stopped.

158

Chapter 4

Manual Updates
For Satellites with low-bandwidth network links, Manual Software Repository Cache updates
allow you to pre-populate the Software Repository Cache at installation time. You can also
configure refreshes for an existing cache. The Software Repository Cache is populated by an
out-of-band method, such as by cutting CDs of the required packages and shipping them to
the Satellite. To perform Manual Updates, you use the SA DCML Exchange Tool (DET) to
copy existing packages from an SA core or use the Staging Utility to perform the update. See
Creating Software Repository Cache Manual Updates on page 160 and Staging Files to a
Software Repository Cache on page 162.
When configured for Manual Updates, a Software Repository Cache does not communicate
with upstream Software Repository Caches or the Cores Software Repository until you
initiate an update. The Satellite considers its own Software Repository Cache as
authoritative.
If the caching policy is Manual Update and you request an on-demand software update, the
Software Repository Cache will raise a wordbot.unableToCacheFile exception.
Even if you have configured a Software Repository as On-Demand Update, You can apply a
manual update regardless of its update policy.
When applying Manual Updates in a Satellite installation with multiple Software Repository
Caches, you must apply the update to each Software Repository Cache in the Satellite.
Otherwise, when performing operations that retrieve files from the Cache (for example, when
installing software on a server in the affected Satellite), you may get the
wordbot.unableToCache file error.

Emergency Software Repository Cache Updates

You can push Emergency updates manually over the network to Satellites even if the caching
policy is Manual Update. You do not need to reconfigure the Software Repository Cache's
caching policy to push emergency updates to a Software Repository Cache. For example, an
emergency patch can be staged to a Satellite and applied without waiting for a shipment of
CDs to arrive.

Software Repository Cache Size Management

When you apply a Manual Update to a Software Repository Cache, SA removes files that have
not been recently accessed when the cache size limit is exceeded.
The least-recently accessed packages are deleted first.
The Software Repository Cache removes the files the next time it cleans up its cache. By
default, the cache is cleaned up every 12 hours. Packages are deleted so that the available
disk space stays below the high-water mark.
You must have enough disk space to store all necessary packages for the Software Repository
Cache to ensure that the Software Repository Cache does not exceed the cache size limit.

Satellite Administration

159

Creating Software Repository Cache Manual Updates

To create a Manual Update, you can use the SA DCML Exchange Tool (DET) to copy existing
software from an SA core. You then save an export file you can copy over the network to the
Satellites Software Repository Cache or burn to CD or DVD to be applied later to the cache.
You can also use the Staging Utility to upload software. See Staging Files to a Software
Repository Cache on page 162.
This section discusses the following topics:

Creating a Manual Update Using the DCML Exchange Tool (DET)

Applying a Manual Update to a Software Repository Cache

Staging Files to a Software Repository Cache

Microsoft Utility Uploads and Manual Updates

Creating a Manual Update Using the DCML Exchange Tool (DET)

You perform this procedure by using the DCML Exchange Tool (DET). Using the DET, you
export the software for the Manual Update and export the packages associated with selected
software policies.
See the SA Content Utilities Guide for more information about using DET.
To create a Manual Update perform the following steps:
1

On the server where you installed the DET component, run the following command to
create the following directory:
# mkdir /var/tmp/sneakernet

From the server running the SA Web Client, copy the following files from the
/var/opt/opsware/crypto/occ directory:
opsware-ca.crt
spog.pkcs.8
to the following directory:
/usr/cbt/crypto
This is the directory where you installed DET.

Create the file, /usr/cbt/conf/cbt.conf, so that it contains this content:

twist.host=<twist's hostname>
twist.port=1032
twist.protocol=t3s
twist.username=buildmgr
twist.password=buildmgr
twist.certPaths=/usr/cbt/crypto/opsware-ca.crt
spike.username=<your username>
spike.password=<your password>
spike.host=<way's hostname>
way.host=<way's hostname>
spin.host=<spin's hostname>
word.host=<word's hostname>
ssl.keyPairs=/usr/cbt/crypto/spog.pkcs8
ssl.trustCerts=/usr/cbt/crypto/opsware-ca.crt

160

Chapter 4

Create the following DCML Exchange Tool filter file /usr/cbt/filters/myfilter.rdf

that contains this content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE rdf:RDF [
<!ENTITY filter "http://www.opsware.com/ns/cbt/0.1/filter#">
]>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns="http://www.opsware.com/ns/cbt/0.1/filter#">
<ApplicationFilter rdf:ID="a1">
<path>/Other Applications</path>
<directive rdf:resource="&filter;Descendants" />
</ApplicationFilter>
</rdf:RDF>
In the <path> directive of the filter file, replace /Other Applications with the path to
the node you want to export (all node information about that node, its descendants, and
all associated packages will be exported).
This filter will export from the Applications area of the SA Web Client. If you want to
export packages from some other category of software in the SA Web Client, you need to
create a different filter. See the SA Content Utilities Guide for information.

On the server where you installed the DET component, run the DCML Exchange Tool by
entering the following command:
# /usr/cbt/bin/cbt -e /var/tmp/myexport --config /usr/cbt/conf/cbt.conf
--filter /usr/cbt/filters/myfilter.rdf
The DCML Exchange Tool places the packages associated with the exported nodes in the
following directory:
/var/tmp/myexport/blob
The packages are named unitid_nnnnnnn.pkg.

Copy all of the .pkg files to a directory on the server running the Software Repository
Cache, either over the network or by burning the files to a set of CDs or DVDs.

Applying a Manual Update to a Software Repository Cache

To apply a Manual Update to a Software Repository Cache, you run a utility
(import_sneakernet), which moves or copies the software you want to update into the right
location on the Software Repository Cache and registers it with the Model Repository in the
SA core.
To apply a Manual Update to a Software Repository Cache, perform the following steps:
1

Log in as root on the server running the Satellites Software Repository Cache.

Copy the export file to a directory on the Software Repository Cache server, mount the CD
containing the software export file, or copy the CD contents to a temporary directory.

Enter the following command to change directories:

# cd /opt/opsware/mm_wordbot/util

Enter the following command to import the contents of the export file to the Software
repository Cache:
# ./import_sneakernet -d dir
where dir is the CD mount point or the temporary directory containing the export file.

Satellite Administration

161

Staging Files to a Software Repository Cache

A Server Agent on a Managed Server can override the caching policy in effect for a Realm. The
ability to override the caching policy of a Software Repository Cache allows you to stage
software to a cache that is configured to be Manual Update only to resolve the following
situations:

You must circulate an emergency patch and you do not have time to create a Manual
update export file and physically visit a Facility to upload the software.

A necessary patch must be installed during a specified maintenance period and the period
is not long enough to download a patch and install it on all managed servers.

The utilization of a network link to the Satellite is known to be low at a particular time of
day making that time advantageous for upload.

To force package staging, the Staging Utility provides the argument

override_caching_policy=1 which is specified in the URL request for the software.
The Software Repository Cache allows a client to request that it obtain a file, but that it not
actually send the file to the client. If the file is not already cached, the Software Repository
Cache will obtain it from the parent Software Repository Cache if the caching policy allows it.
To use this feature, the client includes the argument checkonly=1 in the URL request for the
file.

Running the Staging Utility

To run the staging utility, perform the following steps:
1

On the server running the Software Repository component (part of the Slice Component
bundle), verify that the certificate token.srv is in your CRYPTO_PATH. During
installation token.srv is copied to
/var/opt/opsware/crypto/gateway/token.srv.

Log into the server running the Cores Software Repository.

Enter the following command to change directories:

# cd /opt/opsware/mm_wordbot/util

To stage the files you want, run the utility stage_pkg_in_realm which has the following
syntax:
./stage_pkg_in_realm [-h | --help] [-d | --debug]
[--user <USER>] --pkgid <ID> --realm <REALM> [--gw <IP:PORT>] [--spinurl
<URL>] [--wayurl <URL>] [--word <IP:PORT>]

To force package staging, the Staging Utility provides the argument

override_caching_policy=1 which is specified in the URL request for the software.
Example
./stage_pkg_in_realm --user admin --pkgid 80002 --realm luna
--gw 192.168.164.131:3001
Password for admin: <password>
Package /packages/opsware/Linux/3ES/miniagent is now being staged in realm
luna

162

Chapter 4

Microsoft Utility Uploads and Manual Updates

When you upload new Microsoft patching utilities (described in the SA Simple/Advanced
Installation Guide System Requirements chapter), you should immediately stage those files to
all Realms where the Software Repository Cache is configured for Manual Updates only.
If you do not stage these files to the remote Realms, Server Agents running on Windows
servers in those Realms will be unable to download new versions of the utilities and will be
unable to register their software packages. It is not necessary to stage packages to Realms
where the Software Repository Cache is configured for On-Demand Updates.
The Software Repository Cache allows a client to request that it obtain a file, but that it not
actually send the file to the client. If the file is not already cached, the Software Repository
Cache will obtain it from the parent Software Repository Cache if the caching policy allows it.
To use this feature, the client includes the argument checkonly=1 in the URL request for the
file. See Running the Staging Utility on page 162 in this chapter for information about how to
stage files.

Satellite Administration

163