Chat now with support
Chat with Support

KACE Systems Deployment Appliance 9.1 Common Documents - Administrator Guide

About the KACE Systems Deployment Appliance Getting started Using the Dashboard Configuring the appliance Setting up user accounts and user authentication Configuring security settings Preparing for deployment Managing device inventory Using labels Creating a Windows or Linux Boot Environment Managing drivers Capturing images Capturing user states Creating scripted installations Creating a task sequence Automating deployments Performing manual deployments Managing custom deployments Managing offline deployments About the Remote Site Appliance Importing and exporting appliance components Managing disk space Troubleshooting appliance issues Updating appliance software Glossary About us Legal notices

Best practices for using external storage

Best practices for using external storage

Moving to external storage makes all your deployments, image captures, media uploads, and downloads dependent on the stability and speed of the external server and its network connection to the appliance. To that end, there are several recommendations to follow.

The external storage server is a dedicated device

It should not provide shares or other functionality to other machines or devices in order to avoid resource conflicts. The data can only be passed to the appliance (and out of the client machine) as quickly as the storage server can provide it. If the storage server is tied up sending data to other devices it will impact deployment/capture times and could even lead to deployment failure.

The external storage server is connected to the physical appliance by its own private network

The appliance has two network ports, the second network port should be used to connect the external storage server on its own private network isolated from the appliance front-end network. Connecting the storage server over the appliance front-end network effectively cuts your network band width in half, making a 1 GB network a 500 MB network. During capture/deployment the data must come to the appliance from the storage server and then from the appliance to the client. Using the front end network means the data must traverse the front end NIC twice. This will have a drastic performance impact and could lead to failed deployments due to network congestion. Additionally, the storage server and the appliance should be connected on the same physical switch (VLAN/subnet). Any latency of packets caused be traversing multiple switches/routers directly translates to longer or failed deployments and should be avoided.

The external storage server should be enterprise class hardware

Since the appliance deployment speed is dependent on the storage server being able to keep up with the load, any delay caused by a slow storage server will translate into long deployments or failed deployments. Therefore, as an example, if using a network-attached storage (NAS) device, a desktop or SOHO (small office/home office) model would not be appropriate. Likewise the use of a virtual machine as a storage server is discouraged, in testing and in the field we have found no matter how robust the infrastructure, the virtual server, specifically NFS (network file system) is not reliable under heavy load.

The drives on the storage server are high speed high performance drives

Any time the storage server must delay sending data to the appliance, because it is waiting to read the drives, will translate into longer deployments or failed deployments. There are many different drive manufacturers so it is not possible to rate them, all but as an example Western Digital® drives come in four types: Green (echo friendly), Blue (consumer), Red (low-grade raid), and Black (high performance). We would recommend using only the Black high performance drives. If your storage server is using SAN (storage area network) drives ensure they can produce performance equal to or better than the high performance physical drives. It is recommended SAN drives are bench marked tested as some operating systems can not utilize the throughput the SAN is rated for.

Anti-virus software is not installed on your storage server

If you must have an anti virus on your storage server, it must be configured to ignore the appliance share completely. Most anti-virus software solutions use a scan on access which means any file accessed is scanned before being sent out across the network. WIM files are going to be several GB in size, causing the scan to take a very long time, which in turn will cause deployment timeout issues. Also many anti-virus software solutions choose to quarantine uploaded files if they seem to be compromised. This is especially true for driver files which could be catastrophic when they get quarantined, causing deployments to fail with blue screens because the driver needed it no longer part of the image. Further anti-virus and security policies can make or force changes to the file permissions or ownership, causing the appliance to no longer have access to them.

For additional information, visit https://support.quest.com/kace-systems-deployment-appliance/kb/111864. This article provides a list of tested NAS devices, however there are others that provide adequate functionality. KACE does not publish any specifications for Windows-based storage servers, so it is important if using a Windows machine to ensure it runs on modern enterprise-class hardware.

Troubleshooting appliance issues

Test device connections on the network
Enable a tether to Quest KACE Technical Support
Open a support ticket
Troubleshooting the Boot Manager
Recovering devices
Shutting down and rebooting the appliance
Best practices for backing up appliance data

You can access the appliance Support Portal to request a Support team tether to your appliance. You can also test the Boot Manager, recover devices, and download log files from the Administrator Console, which can be useful during troubleshooting.

You can also download the appliance Advisor, which is a utility that queries the database of your appliance, to gather information about your appliance in an HTML report to help with gathering data or troubleshooting the appliance. For more information, or to download the appliance Advisor, go to http://www.itninja.com/blog/view/k2-advisor.

Test device connections on the network

Test device connections on the network

You can use the ping program to test network connectivity.

1.
On the left navigation pane, click Support > Support Portal to display the KACE Support Portal panel.
2.
Click Troubleshooting to display the Support Troubleshooting Tools page.
3.
From the Tool drop-down list, select ping.
4.
Enter the IP address of the device and click Test.
Results are displayed.
5.
Optional. Use other programs, as needed. Simply select the program from the drop-down list, and click Test.
The following programs are available:
nslookup: A network administration command-line tool available for many computer operating systems for querying the Domain Name System to obtain domain name or IP address mapping or for any other specific DNS record.
arp: The Address Resolution Protocol (arp) is a communication protocol used for discovering the link layer address associated with a given IPv4 address, a critical function in the Internet protocol suite.
dig: A network administration command-line tool for querying Domain Name System servers. dig is useful for network troubleshooting and for educational purposes
ifconfig: A system administration utility in Unix-like operating systems for network interface configuration. The utility is a command line interface tool and is also used in the system startup scripts of many operating systems.
iostat: A computer system monitor tool used to collect and show operating system storage input and output statistics.
traceroute: A computer network diagnostic tool for displaying the route and measuring transit delays of packets across an Internet Protocol network.
curl: cURL is a computer software project providing a library and command-line tool for transferring data using various protocols. The cURL project produces two products, libcurl and cURL.
Service Status: Displays a list of services running on the appliance.
showmount: Displays the shares available on a specific IP address.
tcpdump: A common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
netcat: a computer networking utility for reading from and writing to network connections using TCP or UDP. Netcat is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts.
Display Free Disk Space: Shows the available disk space on the appliance.
database: Provides database response metrics.
netstat: displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics.
smbstatus: A very simple program that displays the Samba status and lists the current Samba connections.
smbversion: Displays the Samba version.
top: A task manager program found in many Unix-like operating systems. It produces an ordered list of running processes selected by user-specified criteria, and updates it periodically.

Enable a tether to Quest KACE Technical Support

Enable a tether to Quest KACE Technical Support

You can access the Quest Support Portal to request a tether to your appliance to enable Quest KACE Technical Support to troubleshoot issues.

Obtain a tethering key by contacting Quest KACE Technical Support at https://support.quest.com/contact-support.

To ensure security, enable remote access to the appliance after the Support team authorizes you to do so.

1.
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page.
2.
Select the Allow SSH Root Login (KACE Support) check box.
3.
Click Save.
4.
On the left navigation pane, click Support > Support Portal to display the KACE Support Portal panel.
5.
Under Contact Quest KACE, click Enter a Tether key to display the Support Tether Key page.
6.
Observe the alert at the top of the page.
By enabling a tether, you allow KACE Technical Support to access your appliance. Ensure that this process complies with your organization's security guidelines. By default, a tether expires after 21 days, but you can disable an enabled tether it at any time.
7.
In the text field, type the description of the problem, and complete one of the following steps.
To obtain the tether key automatically and send the message to Technical Support, click Enable Tether.

If the process fails, select Enable Tether and type the tether key, as prompted. Click Save.
To use a tether key provided by Technical Support, click I already have a tether key, then select Enable Tether and type the tether key, as prompted. Click Save.

The Support Tether Key page displays the date and time the tether key expires, and the tether log. Quest KACE Technical Support now has remote access to your appliance. To disable the tether at any time, click Disable Tether.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating