The ZENworks system architecture consists of components such as Primary Servers, Satellite Servers, and managed devices. These components are organized into management domains, referred to as Management Zones.
Figure 2-1 Management Zone
A Management Zone consists of at least one Primary Server, Satellites (if needed), and one or more managed devices or inventoried-only devices. The Primary Servers and Satellites work together to manage the devices. The zone’s information is stored in a database that resides on one of the Primary Servers or externally on another server that does not have ZENworks installed on it.
The Primary Server is the focal point of the ZENworks system. Depending on the number and location of the devices that you want to manage with ZENworks, you might need additional Primary Servers. The ZENworks services are added to each Primary Server (physical or virtual) during installation and configuration of the ZENworks software.
You can also set up the Primary Server by deploying ZENworks Appliance to the supported virtual infrastructure. ZENworks Appliance is built on the customized SUSE Linux Enterprise Server 11 JeOS (SLES 11), and is preinstalled with the ZENworks Server.
The Primary Server contains the following ZENworks components:
ZENworks services: The ZENworks software that provides software management, policy enforcement, imaging, inventory collection, asset management, and so forth. The main services are ZENworks Server Service, ZENworks Loader, ZENworks Imaging Service, and ZENworks Management Service.
Content repository: The content repository is used extensively with ZENworks Configuration Management to store software files waiting to be distributed to devices; however, it has limited use with ZENworks Asset Management.
In ZENworks Configuration Management, it contains the software, policies, and configuration metadata (stored in the database). The policies and software are available for delivery to managed devices within the system. The content is compressed and encrypted. By default, content is automatically replicated among all Primary Servers in the Management Zone, based on a schedule that you control. However, you can configure this to exclude certain servers. It also contains the update packages used to update the ZENworks system files.
In ZENworks Asset Management, it contains the update packages used to update the ZENworks system files and the Product Recognition Updates used for product recognition during inventorying of software and hardware.
ZENworks database: Contains information about the software bundles for delivery, the hardware and software inventory lists collected from devices, information about the ZENworks Control Center objects (devices, users, bundles, policies, and so on), centralized system messages, license tracking and usage data, and other transactional data, and the actions scheduled to take place within the system.
You can install the embedded Sybase SQL Anywhere database that is included with ZENworks 11 SP2, or you can use an external Sybase SQL database, Oracle database, or a Microsoft SQL database. For detailed information about the supported database versions, seeZENworks 11 Server Installation Guide.
If you use the embedded database, it must reside on one, and only one, Primary Server per Management Zone. If you use an external database, you can install the database on a server that is not a Primary Server. By default, all Primary Servers require access to the ZENworks database, wherever it resides, to write their data.
You can also specify that certain servers roll up their information to other servers.
If you want to use a Microsoft SQL database, you might want to consider locating a Microsoft SQL database in a Microsoft server cluster for accessibility and reliability purposes.
A Satellite is a device that can perform certain roles that a ZENworks Primary Server normally performs. A Satellite can be any managed or Linux device (server or workstation). When you configure a Satellite device, you specify which roles it performs:
Imaging: Installs the Imaging services and adds the Imaging role to the device. With this role, the device can be used as an Imaging server to perform all the Imaging operations, such as taking an image and applying an image within as well as across subnets by using unicast or multicast imaging.
Collection: If you want to improve information roll-up access for a group of devices to minimize traffic to the ZENworks Primary Server that is hosting the ZENworks database, you can enable the Collection role on a device. For example, if you have devices that are rolling up information to a Primary Server outside of their network segment, you can minimize network traffic by enabling the Collection role on a device within the network segment to accept the information from the other devices in that segment. That Collection role device is then the only device from that segment that is rolling up information to the Primary Server.
Content: If you want to improve content access for a group of devices without creating another Primary Server, you can create the Content role on a device. For example, if you have devices that are accessing a Primary Server outside of their network segment, you can create the Content role on a device within the network segment to service those devices.
Authentication: If you want to speed up the authentication process of the devices with the ZENworks Management Zone, you can enable the Authentication role on a device. Satellite devices with the Authentication role can now speed the authentication process by spreading the workload among various devices and by performing authentication locally to managed devices.You can have multiple Satellite devices with the Authentication role. In addition, each Satellite with the Authentication role can have multiple user sources configured and each Satellite can have multiple connections to each user source to provide failover.
For more information, see ZENworks 11 Primary Server and Satellite Reference.
A managed device is a Windows or Linux device that you can use ZENworks to manage. The ZENworks Adaptive Agent must be installed on each device in order for it to be managed. The Adaptive Agent communicates with a Primary Server to enable delivery of software, enforcement of configuration policies, inventorying of hardware and software, and remote management of the device.
Each managed device attempts to contact its initial Primary Server. However, if content is unavailable on that Primary Server, the managed device requests it from another Primary Server or a Satellite Server with the Content role configured in the Management Zone, and continues until it finds a server that can provide the content.
A managed device can be registered in only one Management Zone and is therefore managed only in that zone.
You might have devices where the Adaptive Agent cannot be installed, or devices where you do not want to install the Adaptive Agent. To inventory these devices, you can either install the Inventory-Only agent or run the Portable Collector.
For more information, see the ZENworks 11 Discovery, Deployment, and Retirement Reference.
A Management Zone consists of one or more Primary Servers and one or more managed devices. The Primary Servers in the zone work together to manage the devices. The zone’s information is stored in a database that resides on one of the Primary Servers or externally on another server that does not have ZENworks installed on it. The zone might also contain Satellites.